curl
Fail
Audited by Snyk on Mar 27, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed credentials directly in commands (e.g., -u username:password, curl headers like "PRIVATE-TOKEN: ..."), which instructs the agent to place secret values verbatim into output and thus poses a high exfiltration risk.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). The list contains generic/untrusted HTTP(S) download links (including a direct install.sh and ZIP download, and an example that pipes a remote shell script to sh), which are high-risk patterns commonly used to distribute malware or unwanted code.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The SKILL.md examples explicitly instruct using curl to fetch and process content from arbitrary public URLs (e.g., curl http://example.com/…, curl http://ifconfig.me/all.json, and curl -fsSL https://example.com/install.sh | sh), so the skill demonstrates fetching and acting on untrusted third‑party content that could enable indirect prompt injection.
Issues (3)
- HIGH W007: Insecure credential handling detected in skill instructions.
- CRITICAL E005: Suspicious download URL detected in skill instructions.
- MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata