Skills
skills/inf-sh/skills/pitch-deck-visuals/Gen Agent Trust Hub

pitch-deck-visuals

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • Remote Code Execution (CRITICAL): The skill uses the highly dangerous pattern curl | sh to execute code from https://cli.inference.sh.
  • Evidence: Automated scanning detected curl -fsSL https://cli.inference.sh | sh.
  • Risk: This allows the remote server to execute any command on the agent's host system, bypassing all security reviews.
  • External Downloads (MEDIUM): The skill references an external domain cli.inference.sh which is not on the trusted sources list.
  • Risk: Untrusted domains can serve malicious payloads or be subject to domain hijacking.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 18, 2026, 01:57 AM