competitor-teardown

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses the infsh CLI to perform market research tasks, including running search assistants (tavily/search-assistant, exa/search) and browser tools (infsh/agent-browser).
  • [REMOTE_CODE_EXECUTION]: Utilizes a hosted python-executor to run scripts for data visualization. Example code uses the matplotlib library to generate positioning maps.
  • [EXTERNAL_DOWNLOADS]: References installation instructions and supplementary skill modules hosted on the vendor's official GitHub repository (github.com/inference-sh).
  • [PROMPT_INJECTION]: Identified an indirect prompt injection surface inherent to web research tools.
      • Ingestion points: External content from competitor websites and search engine results (via agent-browser, tavily, and exa).
      • Boundary markers: No explicit delimiters or warnings provided to the agent regarding external data content.
      • Capability inventory: Access to shell commands via the infsh CLI, web browsing, and dynamic code execution via python-executor.
      • Sanitization: No visible sanitization or filtering of external content prior to processing.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 2, 2026, 09:05 PM