ai-social-media-content
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The 'Quick Start' section includes the command `curl -fsSL https://cli.inference.sh | sh`. This pattern is highly dangerous as it executes unverified code from an untrusted external domain with the permissions of the current user.
- COMMAND_EXECUTION (HIGH): The skill relies on the `infsh` command-line tool, which is not a standard system utility and is installed via the aforementioned insecure method. All subsequent content generation workflows depend on this unverified binary.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill references and installs tools from `inference.sh`, which is not included in the list of Trusted External Sources. This increases the risk of supply chain attacks or execution of malicious binaries.
- PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection (Category 8).
  - Ingestion points: Untrusted data enters via the `prompt` fields in the `infsh` command examples in SKILL.md.
  - Boundary markers: Absent; there are no delimiters or warnings to ignore embedded instructions.
  - Capability inventory: The agent has the capability to execute bash commands (via `infsh`) and write files (e.g., `> script.json`).
  - Sanitization: Absent; user-provided prompts are interpolated directly into shell strings without escaping or validation.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata