newsletter-curation
Fail
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill's installation instructions use a piped shell command:
curl -fsSL https://cli.inference.sh | sh. This method downloads and executes a script from the vendor's infrastructure to set up the requiredinfshCLI tool. - [COMMAND_EXECUTION]: The skill frequently executes the
infshcommand to run various internal applications for search, image generation, and social media posting. - [EXTERNAL_DOWNLOADS]: The skill suggests adding related dependencies using
npx skills add, which fetches additional skill configurations from the vendor's repository. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by design.
- Ingestion points: Web content retrieved via
tavily/search-assistantandexa/searchinSKILL.md. - Boundary markers: Data is passed as structured JSON inputs.
- Capability inventory: The skill has access to the
Bashtool restricted to theinfshcommand. - Sanitization: No specific sanitization or filtering of external content is implemented.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata