data-visualization
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Remote Code Execution (HIGH): The skill utilizes a dangerous piped shell command (
curl | sh) to execute a script directly fromhttps://cli.inference.sh. This method is a high-risk pattern because it allows an external, untrusted source to run arbitrary code on the host system without prior verification or integrity checks.\n- External Downloads (MEDIUM): The command fetches executable content fromcli.inference.sh. This domain is not included in the list of Trusted External Sources (such as verified GitHub organizations or official package registries), making the download and subsequent execution highly suspect.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata