competitor-teardown

Fail

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: HIGH · EXTERNAL_DOWNLOADS · REMOTE_CODE_EXECUTION · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses a piped-to-shell installation method for the vendor's CLI: curl -fsSL https://cli.inference.sh | sh. This allows remote scripts to run locally during setup.
  • [EXTERNAL_DOWNLOADS]: The CLI installation process fetches binary files from dist.inference.sh tailored to the user's platform.
  • [COMMAND_EXECUTION]: The skill executes infsh commands to interact with specialized apps and uses npx to manage dependencies from the vendor's ecosystem.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by ingesting and acting upon untrusted content from the web.
      ◦ Ingestion points: External data is collected via tavily/search-assistant, exa/search, and tavily/extract tools.
      ◦ Boundary markers: No specific delimiters or safety instructions are provided to the agent to ignore instructions embedded in the crawled data.
      ◦ Capability inventory: The skill allows for the execution of Python code via infsh/python-executor and browser automation via infsh/agent-browser.
      ◦ Sanitization: No data validation or content sanitization is mentioned before processing external search results.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 27, 2026, 02:29 PM