ai-automation-workflows

This skill repository is a set of safe-looking automation templates that rely entirely on a third-party CLI (infsh) and remote model providers. The primary supply-chain and security concerns are the use of a curl|sh install pattern (download-and-execute), dependence on remote binaries/services (infsh, model backends), and examples that send arbitrary local file contents and command output to external services or webhooks. There is no clear evidence of intentionally malicious code (no hardcoded credentials, no obfuscated payloads, no reverse shells), so confirmed malware probability is low. However, the download-execute install, broad network sinks, and example patterns that post data to webhooks or transmit local files make this set of templates moderately risky in practice — users should avoid pipe-to-shell installation, verify checksums manually, restrict what files/prompts are sent upstream, and ensure webhooks/third-party services are trusted.