officecli-pptx

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These are direct links to a GitHub repo's raw install scripts and its releases API for an unverified/unknown project — and the skill explicitly recommends piping curl to bash / PowerShell IEX, which is high-risk because it executes unreviewed remote code and could distribute malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "BEFORE YOU START" step explicitly instructs running curl against public GitHub URLs (e.g., https://raw.githubusercontent.com/iOfficeAI/OfficeCli/main/install.sh and https://api.github.com/repos/iOfficeAI/OfficeCLI/releases/latest) and piping the fetched install script to bash to install/upgrade officecli, which fetches and executes untrusted third‑party content that directly influences whether the agent installs or upgrades tooling.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill contains a pre-runtime install/update check that fetches and executes remote installer scripts (e.g., curl -fsSL https://raw.githubusercontent.com/iOfficeAI/OfficeCli/main/install.sh | bash and irm https://raw.githubusercontent.com/iOfficeAI/OfficeCli/main/install.ps1 | iex), which are runtime external dependencies that execute remote code and therefore pose a clear risk.