flash-moe-inference

Fail

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to clone an external GitHub repository (https://github.com/danveloper/flash-moe) which is not managed by a verified or well-known technology provider.
  • [REMOTE_CODE_EXECUTION]: The requirement to download and build code from an unverified third-party repository creates a vector for remote code execution, as arbitrary code may be executed during the build process or at runtime.
  • [COMMAND_EXECUTION]: The skill requires running multiple shell commands, including make for compilation and the execution of the resulting binaries such as ./infer and ./chat. These commands interact directly with the host operating system.
  • [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by processing untrusted user input through a local inference engine. Mandatory evidence: (1) Ingestion points: User prompts via CLI arguments and TUI input; (2) Boundary markers: Absent; (3) Capability inventory: Local file access and binary execution in infer.m, chat.m, and main.m; (4) Sanitization: Not implemented.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 21, 2026, 03:01 AM