betterprompt

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). These links point to an install script served as raw GitHub content (curl | bash https://raw.githubusercontent.com/BetterPromptme/betterprompt/main/install.sh) which is a high-risk pattern because it executes remote shell code from an external repository—while the GitHub repo and matching domain look legitimate, running an unreviewed .sh from an unfamiliar publisher is unsafe without manual inspection.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The agent explicitly fetches and inspects user-contributed skill definitions from the BetterPrompt registry (via commands like betterprompt skill search and betterprompt skill info <slug> --json) and the doc even states “A skill is essentially a prompt with instructions” which the agent must read/validate from the skill.md and then execute—allowing untrusted, third-party prompt content to influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill documentation includes an installation command that runs "curl -fsSL https://raw.githubusercontent.com/BetterPromptme/betterprompt/main/install.sh | bash", which fetches and executes remote code and is presented as a way to install the required BetterPrompt CLI.