AGENT LAB: SKILLS

content-repurposing

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICAL | REMOTE_CODE_EXECUTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • Remote Code Execution (CRITICAL): The skill documentation includes the installation command "curl -fsSL https://cli.inference.sh | sh". This is a classic RCE vector in which the content of the remote script is executed without verification. This finding is confirmed by the provided automated scanner alert.
  • External Downloads (HIGH): The skill installs the infsh CLI and additional components using "npx skills add" from the inference-sh organization, which is not on the trusted external sources list.
  • Indirect Prompt Injection (LOW):
      • Ingestion points: The skill is designed to process external content such as blog posts and podcast transcripts (e.g., in the 'Podcast Episode -> Blog Post' recipe).
      • Boundary markers: Absent. The skill does not use delimiters or instructions to prevent the agent from following instructions hidden within the source content.
      • Capability inventory: The skill has access to the Bash tool and to infsh, which can post to social media (x/post-create) and run remote AI models.
      • Sanitization: Absent. Content extracted from transcripts or blogs is passed directly as input to subsequent tools.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 19, 2026, 03:41 AM