Skills
skills/inference-sh-3/skills/app-store-screenshots/Gen Agent Trust Hub

app-store-screenshots

Fail

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill documentation includes the command curl -fsSL https://cli.inference.sh | sh, which implements a 'pipe to shell' pattern. This method executes a remote script with the user's local privileges without providing an opportunity for prior code inspection.
  • [EXTERNAL_DOWNLOADS]: During setup and use, the skill fetches scripts and binaries from external domains, specifically cli.inference.sh and dist.inference.sh.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to run the infsh CLI for authentication and for triggering remote AI models to generate marketing assets.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by interpolating user-provided text prompts into shell commands.
  • Ingestion points: The prompt field in the input JSON for infsh app run commands (found in SKILL.md).
  • Boundary markers: None; user input is embedded directly into command-line strings.
  • Capability inventory: Execution of shell commands via the Bash tool and the infsh utility.
  • Sanitization: No sanitization or escaping of the user-provided prompt is performed before it is passed to the command line.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 25, 2026, 01:02 AM