find-skills

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). These links point to a third‑party skills site (skills.sh) plus a direct raw GitHub shell script (install.sh) that the skill prompt recommends installing via curl | sh from an unvetted account — executing remote .sh code without verification is a high‑risk pattern even if some components (GitHub, Anthropics) look legitimate.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly directs using mh skills find [query] and browsing https://skills.sh/ (see SKILL.md "Step 2: Search for Skills"), which pulls public, user-contributed skill listings and repository links that the agent is expected to read and use (e.g., to present install commands), exposing it to untrusted third‑party content that could inject instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill requires the mh CLI and explicitly instructs running curl -fsSL https://raw.githubusercontent.com/vaayne/mcphub/main/scripts/install.sh | sh which fetches and executes remote code at runtime, making that URL a high-risk external dependency.