chat-ui

Fail

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's 'Quick Start' section instructs users to run npx shadcn@latest add https://ui.inference.sh/r/chat.json. The domain inference.sh does not match the verified domain patterns for the author 'inferen-sh' (which include 'inferen-sh.com' and 'inferen-sh.io') and appears to be a typosquatted variation. This command fetches a remote JSON registry and installs components on the user's system.
  • [COMMAND_EXECUTION]: The 'Related Skills' section recommends installing additional packages using npx skills add inference-sh/skills@.... The GitHub organization inference-sh is a typosquatted variation of the author handle inferen-sh, violating the expected identity of the skill author.
  • [REMOTE_CODE_EXECUTION]: Both the shadcn and skills add commands involve downloading and executing remote configurations or skill code. Because these resources are hosted on sources that appear to impersonate the author's identity through character substitutions (adding 'ce'), they are considered high-risk remote code execution vectors.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 12, 2026, 09:55 PM