competitor-teardown
Fail
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): A confirmed detection of piped remote execution was found. The command 'curl -fsSL https://cli.inference.sh | sh' downloads code from the internet and executes it without any integrity checks or local verification.
- External Downloads (HIGH): The skill references 'https://cli.inference.sh', which is not a recognized trusted source. Downloads from unverified domains pose a significant risk of supply chain attacks or malicious payload delivery.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata