officecli-xlsx

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These are raw GitHub-hosted shell and PowerShell installer scripts intended to be piped directly to a shell/iex from an unverified repository (iOfficeAI) — executing remote .sh/.ps1 blindly is a high-risk pattern because the scripts can run arbitrary code and I cannot verify the repo's trustworthiness or activity here.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md "BEFORE YOU START" section instructs fetching and executing an install script from a public raw.githubusercontent.com URL (curl ... | bash and irm https://raw.githubusercontent.com/... | iex), which clearly ingests untrusted third‑party content as part of the required workflow and could materially alter tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's BEFORE YOU START instructions explicitly run remote install scripts at runtime (curl -fsSL https://raw.githubusercontent.com/iOfficeAI/OfficeCLI/main/install.sh | bash and irm https://raw.githubusercontent.com/iOfficeAI/OfficeCLI/main/install.ps1 | iex), which download and execute remote code to install the required officecli dependency.