Skills
skills/inf-sh/skills/linkedin-content/Gen Agent Trust Hub

linkedin-content

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [Remote Code Execution] (CRITICAL): The skill directs users to execute curl -fsSL https://cli.inference.sh | sh. This is a critical security risk because it executes a remote script directly in the shell without any verification or code signing checks. The domain inference.sh is not a trusted source.
  • [External Downloads] (MEDIUM): The skill uses npx skills add to fetch and install external dependencies from inference-sh/skills. Since this repository and organization are not in the trusted list, this introduces unverified code into the user's environment.
  • [Indirect Prompt Injection] (LOW): The skill has a surface for indirect prompt injection via external search results.
  • Ingestion points: Data retrieved from tavily/search-assistant is used as research for generating posts.
  • Boundary markers: No delimiters are used to separate the external search content from the agent's instructions.
  • Capability inventory: The skill possesses the Bash tool with infsh capabilities, enabling it to perform network operations and post to external accounts.
  • Sanitization: The instructions do not specify any sanitization or filtering of the search results before they are processed by the LLM.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 18, 2026, 01:56 AM