ai-social-media-content
Fail
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill contains the command
curl -fsSL https://cli.inference.sh | shin the Quick Start section. This is a 'curl-to-pipe' pattern that executes remote code with the user's current privileges without prior inspection. - Evidence: SKILL.md line 14:
curl -fsSL https://cli.inference.sh | sh && infsh login. - [EXTERNAL_DOWNLOADS] (HIGH): The skill initiates downloads from
inference.shanddist.inference.sh. These domains are not part of the 'Trusted External Sources' whitelist, posing a supply-chain risk. - [COMMAND_EXECUTION] (MEDIUM): The skill requires the
Bash(infsh *)tool and provides multiple complex shell scripts involving loops and variable interpolation to process data across various AI models. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes content using LLMs (Claude via OpenRouter) for copywriting. It has the surface area for injection if user-provided concept strings are interpolated directly into prompts without sanitization.
- Ingestion points:
$CONCEPTvariable in shell scripts. - Boundary markers: Absent in the provided shell templates.
- Capability inventory: High (file writing, shell execution via
infsh). - Sanitization: None detected in the script templates.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata