Skills
AGENT LAB: SKILLS
skills/inference-sh-3/skills/twitter-automation/Gen Agent Trust Hub

twitter-automation

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • REMOTE_CODE_EXECUTION (HIGH): The skill contains instructions to execute curl -fsSL https://cli.inference.sh | sh. This is an insecure pattern that downloads and executes an arbitrary shell script from a non-trusted external domain without any integrity checks or verification.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill downloads and installs a CLI tool from inference.sh, which is not a verified or trusted source according to the security guidelines.
  • COMMAND_EXECUTION (LOW): The skill utilizes the Bash tool to run infsh commands. This allows an external, third-party executable to run commands on the user's system, creating a dependency on the security of the infsh binary.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted data (user-provided text and media URLs) and interpolates them into shell commands (e.g., infsh app run x/post-tweet --input '...'). There are no boundary markers or explicit sanitization steps documented to prevent command injection or tool-use manipulation via malicious inputs.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 19, 2026, 03:41 AM