Skills
AGENT LAB: SKILLS
skills/inference-sh-4/skills/press-release-writing/Gen Agent Trust Hub

press-release-writing

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • Remote Code Execution (HIGH): The skill documentation includes the command curl -fsSL https://cli.inference.sh | sh. This pattern downloads and executes a shell script directly from a remote server without any verification or integrity checks, posing a significant RCE risk.
  • External Downloads (MEDIUM): The skill uses npx skills add to download and install additional skills from the inference-sh organization, which is not recognized as a trusted provider.
  • Indirect Prompt Injection (LOW): The skill employs tools to ingest external data from web searches which could contain adversarial content. 1. Ingestion points: Output from infsh app run commands. 2. Boundary markers: Absent in prompt examples. 3. Capability inventory: The skill has permissions for Bash(infsh *). 4. Sanitization: Absent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 18, 2026, 11:54 PM