Skills
NYC
skills/inference-sh-4/skills/case-study-writing/Gen Agent Trust Hub

case-study-writing

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The skill instructs the user to run curl -fsSL https://cli.inference.sh | sh. This is a high-risk pattern that executes unverified remote scripts directly in the terminal.
  • [EXTERNAL_DOWNLOADS] (HIGH): Executable content is downloaded from cli.inference.sh, which is not a trusted domain. This is flagged as high severity due to the immediate execution of the downloaded code.
  • [COMMAND_EXECUTION] (MEDIUM): The skill uses infsh to execute remote apps and run dynamically generated Python scripts for data visualization, which introduces a risk of malicious code injection through dynamic execution.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 18, 2026, 11:39 PM