prompt-engineering
Fail
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The skill instructs the agent/user to execute
curl -fsSL https://cli.inference.sh | sh. This pattern is highly insecure as it pipes unverified remote content directly into a shell interpreter, allowing the server atcli.inference.shto execute any command on the user's machine. - EXTERNAL_DOWNLOADS (MEDIUM): The skill depends on a CLI tool (
infsh) hosted on a non-standard, third-party domain (inference.sh) that is not included in the trusted source whitelist. There is no integrity verification (e.g., checksums) for this download. - COMMAND_EXECUTION (LOW): The
allowed-toolsconfigurationBash(infsh *)provides the agent with broad permission to execute any subcommand of theinfshtool, which could be exploited if the tool has undocumented or dangerous capabilities.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata