run-research

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). These are raw .sh installer scripts hosted under an unfamiliar GitHub user and the skill instructs piping them straight to a shell (curl|sh), a high‑risk pattern because such scripts can run arbitrary commands without any verification of the author or the script contents.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Yes — SKILL.md (Steps 1–3, especially "STEP 2: Run Sources" and "STEP 3: Judge Agent") requires fetching and reading content from Reddit, X (bird), YouTube transcripts, and web pages (via brave-cli/WebSearch), which are untrusted, user-generated third‑party sources that the agent must interpret and use to drive recommendations and next actions.