competitor-teardown
Fail
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Remote Code Execution] (CRITICAL): The skill uses a 'curl | sh' pattern to download and execute code from 'https://cli.inference.sh'. This pattern is highly dangerous as it grants a remote server full control over the execution environment.
- [External Downloads] (HIGH): The skill attempts to download resources from a domain that is not part of the Trusted External Sources list. Under the assume-malicious posture, this is treated as a high-risk external dependency.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata