Skills
skills/1nfsh-s3/skills/logo-design-guide/Gen Agent Trust Hub

logo-design-guide

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): Detected the use of piped remote script execution via curl -fsSL https://cli.inference.sh | sh. This pattern allows a remote server to execute arbitrary commands on the system without prior local verification.
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill installs software and dependencies from an untrusted domain (inference.sh). This includes the initial CLI installer and additional components fetched via npx skills add.
  • [COMMAND_EXECUTION] (MEDIUM): The skill utilizes the Bash tool to run the infsh CLI. This allows for broad system interaction beyond the intended scope of image generation.
  • [PROMPT_INJECTION] (LOW): The skill exhibits an indirect prompt injection surface by passing user-defined strings into shell commands.
  • Ingestion points: The prompt field within the infsh app run commands.
  • Boundary markers: Absent; instructions and data are not clearly delimited.
  • Capability inventory: Shell command execution via Bash tool and network requests via the infsh binary.
  • Sanitization: No evidence of sanitization or escaping for user-supplied prompt strings.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 19, 2026, 08:10 PM