AGENT LAB: SKILLS

email-design

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICAL | REMOTE_CODE_EXECUTION | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION
Full Analysis
  • Remote Code Execution (CRITICAL): The skill utilizes a highly dangerous pattern where a script is downloaded via curl and piped directly into sh for execution (curl -fsSL https://cli.inference.sh | sh).
  • Evidence: Source URL https://cli.inference.sh is not among the trusted repositories or organizations defined in the security policy.
  • Risk: This execution method bypasses manual review of the code being run. An attacker controlling the domain or intercepting the traffic could execute malicious commands, steal sensitive data, or install persistent backdoors on the host system.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 19, 2026, 03:41 AM