watch-cli-video-agent

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). While most links point to common content platforms (YouTube, Twitter, LinkedIn), the set includes an unknown GitHub repo (github.com/sonpiaz/watch-cli) and a direct raw GitHub install script (raw.githubusercontent.com/.../install.sh) that the skill explicitly tells users to curl | bash — a high‑risk pattern for distributing malicious executables/scripts if the source is not trusted.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's core "watch " command (Core Commands / Patterns for AI Agents) explicitly downloads and ingests videos from public platforms (YouTube, X/Twitter, LinkedIn, TikTok, Reddit, Vimeo, Facebook), extracts frames and transcripts, and instructs the agent to read and act on that untrusted user-generated content (e.g., implement code, clone UI), which could allow indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). Flagged because the README instructs running a remote installer that is fetched and executed at install time via "curl -fsSL https://raw.githubusercontent.com/sonpiaz/watch-cli/main/install.sh | bash", which downloads and runs remote code required to install/use the skill.