coderabbit

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). This is a direct link to a shell installer on a third‑party domain (cli.coderabbit.ai); piping or executing remote .sh files is a common malware vector unless the domain and script are verified and signed.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly runs the external CodeRabbit CLI ("coderabbit review" in Workflow Step 1) and ingests/parses its output to make classification and fix-plan decisions, which exposes the agent to untrusted third-party-generated content that can influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs at runtime to install a required dependency via curl -fsSL https://cli.coderabbit.ai/install.sh | sh, which fetches and immediately executes a remote shell script (remote code execution) to satisfy a required dependency.