ai-social-media-content
Fail
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: Fetches and executes the CLI installation script from the official inference.sh domain. While this is a standard installation pattern for the vendor's tool, piped execution of remote scripts is a high-privilege operation.
- [COMMAND_EXECUTION]: The skill requires Bash permissions to execute 'infsh' commands, which enables interaction with various AI models and management of local files.
- [PROMPT_INJECTION]: The skill contains surfaces for indirect prompt injection within its repurposing and batch creation workflows.
- Ingestion points: Shell variables like $CONCEPT and $topic in 'SKILL.md' are interpolated directly into AI prompts.
- Boundary markers: Absent in 'SKILL.md'.
- Capability inventory: The 'Bash(infsh *)' tool in 'SKILL.md' provides network communication and file system operations.
- Sanitization: No input validation or escaping is applied to variables before they are processed by the CLI tools.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata