competitor-teardown
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): The skill uses the pattern
curl -fsSL https://cli.inference.sh | shto download and immediately execute a script. This is an extremely high-risk operation because the script content is never verified before execution. Since 'cli.inference.sh' is not a trusted source, an attacker could modify the remote script to perform any malicious action on the host system, including data theft, malware installation, or establishing persistence.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://cli.inference.sh - DO NOT USE
- AI detected serious security threats
Audit Metadata