ai-automation-workflows
Fail
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Remote Code Execution (CRITICAL): The skill uses a dangerous pattern 'curl | sh' to execute code from 'https://cli.inference.sh'.
- Execution Method: Piped shell execution (curl -fsSL ... | sh) which bypasses local file inspection.
- Untrusted Source: The domain 'inference.sh' is not on the list of trusted external sources, increasing the risk of malicious payload delivery.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata