agent-tools
Fail
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the user or agent to install the infsh CLI by piping a remote script from https://cli.inference.sh directly to a shell.
- [COMMAND_EXECUTION]: The skill requires access to the Bash tool to run the installer and the infsh CLI commands.
- [DATA_EXFILTRATION]: The CLI tool features automatic local file uploads when a file path is provided in the input parameters. This allows for the potential exfiltration of sensitive local files to the inference.sh cloud infrastructure.
- [PROMPT_INJECTION]: The skill ingests results from external AI applications and LLMs, which are untrusted sources.
  1. Ingestion points: output from infsh app run (SKILL.md).
  2. Boundary markers: absent.
  3. Capability inventory: shell execution via Bash(infsh *).
  4. Sanitization: no evidence of output filtering or sanitization.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata