Skills
skills/1nfsh-s3/skills/technical-blog-writing/Gen Agent Trust Hub

technical-blog-writing

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • Remote Code Execution (CRITICAL): The skill uses the pattern curl -fsSL https://cli.inference.sh | sh, which downloads and immediately executes a script from the internet. This allows for arbitrary code execution on the host system without any verification or integrity checks.
  • External Downloads (HIGH): The domain cli.inference.sh is not a trusted source. Downloading and executing content from unverified third-party domains poses a severe supply chain risk.
  • Command Execution (HIGH): Piping network output directly to a shell (| sh) bypasses local security controls and is a common technique for malware installation.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 19, 2026, 07:38 PM