AGENT LAB: SKILLS

ai-social-media-content

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [Remote Code Execution] (HIGH): The skill uses the pattern curl -fsSL https://cli.inference.sh | sh to install its CLI. This executes remote code from a non-trusted domain directly in the shell with user privileges, which is a high-risk security vector.
  • [Command Execution] (MEDIUM): The skill requires the Bash tool to run the infsh utility, granting it broad system interaction capabilities that could be abused.
  • [External Downloads] (MEDIUM): The skill suggests installing additional components from the untrusted inference-sh repository using npx skills add, which facilitates further external code execution.
  • [Indirect Prompt Injection] (LOW): The skill interpolates user-controlled data (e.g., CONCEPT, TOPICS) into shell command strings without sanitization or boundary markers.
    1. Ingestion points: Bash variable assignments in SKILL.md.
    2. Boundary markers: None.
    3. Capability inventory: Bash(infsh *) in SKILL.md.
    4. Sanitization: None demonstrated.
Recommendations
  • HIGH: Downloads and executes remote code from https://cli.inference.sh. DO NOT USE without thorough review.
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 19, 2026, 03:41 AM