infer-setup
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to check for SDK and MCP updates using 'npm view' and 'npm ls', and manages a local directory at '~/.infer' for caching and configuration.
- [EXTERNAL_DOWNLOADS]: The skill automates the installation of the '@inferevents/sdk' and '@inferevents/mcp' packages from the npm registry.
- [CREDENTIALS_UNSAFE]: The skill collects and stores sensitive API 'Read keys' in a local configuration file ('~/.infer/config.json') and instructs the agent to embed 'Write keys' into the application's source code files.
- [PROMPT_INJECTION]: The skill ingests data from external sources, including user-pasted setup prompts, project configuration files, and source code, to drive the configuration process.
- Ingestion points: User-pasted setup prompts, 'package.json' files, and project source files.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the processing logic.
- Capability inventory: File system access (reading/writing project and configuration files), shell command execution (npm install), and modification of agent-level MCP configuration.
- Sanitization: No evidence of sanitization or validation of the processed external content is provided.
Audit Metadata