Skills
AGENT LAB: SKILLS
skills/inference-sh-4/skills/twitter-automation/Gen Agent Trust Hub

twitter-automation

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The skill documentation instructs users to execute curl -fsSL https://cli.inference.sh | sh. This is a critical security risk as it runs unverified remote scripts directly in the system shell.\n- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill relies on software hosted at inference.sh, which is not included in the list of trusted external sources, making its integrity unverifiable.\n- [COMMAND_EXECUTION] (MEDIUM): The skill requires permission to use the Bash tool to run the infsh CLI. Combined with the untrusted installation source, this creates a significant attack surface.\n- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it passes untrusted input (e.g., tweet text) directly into command-line arguments without sanitization. Mandatory Evidence: 1. Ingestion points: infsh command arguments in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Bash tool execution. 4. Sanitization: None detected.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 18, 2026, 11:04 PM