Skills
skills/inference-sh-3/skills/youtube-thumbnail-design/Gen Agent Trust Hub

youtube-thumbnail-design

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses a piped-to-shell command to install the necessary 'infsh' CLI tool from the vendor's domain.
  • Evidence: curl -fsSL https://cli.inference.sh | sh in SKILL.md.
  • [EXTERNAL_DOWNLOADS]: Fetches binary files and verification checksums from vendor-controlled infrastructure.
  • Evidence: The installation process involves downloading binaries from dist.inference.sh and verifying them against checksums at dist.inference.sh/cli/checksums.txt.
  • [REMOTE_CODE_EXECUTION]: Instructions include using npx to add related skills, which involves fetching and executing packages from the npm registry.
  • Evidence: npx skills add inference-sh/skills@ai-image-generation and other similar commands in the 'Related Skills' section.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 25, 2026, 01:02 AM