Skills
skills/1nfsh-s3/skills/twitter-thread-creation/Gen Agent Trust Hub

twitter-thread-creation

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • Remote Code Execution (HIGH): The skill documentation includes a command curl -fsSL https://cli.inference.sh | sh. This is a high-risk pattern as it executes an unverified remote script directly in the user's shell environment. The domain inference.sh is not on the trusted sources list.\n- External Downloads (MEDIUM): The skill uses npx skills add to install additional unknown skills from the inference-sh organization. These represent unverified third-party dependencies that are downloaded and executed at runtime.\n- Indirect Prompt Injection (LOW): The skill utilizes tools such as infsh/agent-browser and tavily/search-assistant to fetch data from external URLs, which represents a surface for indirect prompt injection.\n
  • Ingestion points: SKILL.md (via infsh/agent-browser and tavily/search-assistant calls).\n
  • Boundary markers: Absent. The skill does not define clear delimiters or instructions for the agent to ignore embedded commands in the fetched content.\n
  • Capability inventory: Execution of bash commands via infsh and package installation via npx.\n
  • Sanitization: Absent. No evidence of input validation or output escaping is provided.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 19, 2026, 08:40 PM