ai-social-media-content
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The skill instructs the user and agent to execute a remote script using the pattern
curl -fsSL https://cli.inference.sh | sh. This is a critical security risk as it downloads and executes unverified code from a non-trusted external source directly into the shell context. - [EXTERNAL_DOWNLOADS] (HIGH): The skill references and installs multiple components from
inference.shandnpx skills add inference-sh/skills. Since 'inference-sh' is not in the recognized trusted sources list, these represent unverifiable external dependencies. - [COMMAND_EXECUTION] (MEDIUM): The skill requests
allowed-tools: Bash(infsh *), which grants the AI agent the ability to execute any subcommand of theinfshutility. This provides a broad attack surface if the agent is manipulated into running unintended commands. - [PROMPT_INJECTION] (LOW): The skill uses shell variable interpolation (e.g.,
"$CONCEPT"and"$topic") to build command strings from user-controlled data. This lacks sanitization or boundary markers, creating a surface for indirect prompt injection where a user could provide malformed input to break the JSON structure or execute unintended logic within theinfshtool.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata