customer-persona

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The documentation suggests installing the infsh CLI by piping a script from https://cli.inference.sh directly to a shell (| sh). This is the vendor's official installation method and matches the domain associated with the skill author.
  • [COMMAND_EXECUTION]: The skill uses the infsh CLI to run external research and AI image generation applications (e.g., tavily/search-assistant, falai/flux-dev-lora). This execution is governed by the allowed-tools configuration, which restricts the agent to the infsh command.
  • [EXTERNAL_DOWNLOADS]: The installation script downloads binary executables from dist.inference.sh after performing OS and architecture detection. The skill also references external dependencies from the inference-sh package scope via npx.
  • [SAFE]: Data Ingestion Surface (Category 8). The skill ingests data from external search providers to populate persona templates. While this represents a surface for indirect prompt injection from external web content, the behavior is core to the research-driven purpose of the skill and does not escalate privilege or exfiltrate data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 01:02 AM