uv

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). This is a direct link to an executable shell script (curl | sh) on a third‑party domain (astral.sh); piping and running remote scripts from an unverified source is high risk and can be used to distribute malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs running a fetched installer via "curl -LsSf https://astral.sh/uv/install.sh | sh" (step 3b), which downloads and executes untrusted third‑party code from a public website and can materially alter runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill includes a runtime installation step that fetches and pipes a remote shell script to the shell (curl -LsSf https://astral.sh/uv/install.sh | sh), which executes remote code and is required for the skill.