Skills
skills/inferencesh/agent-skills/landing-page-design/Gen Agent Trust Hub

landing-page-design

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • Remote Code Execution (CRITICAL): The skill attempts to download and execute a script from an external URL directly into a shell interpreter.
  • Evidence: curl -fsSL https://cli.inference.sh | sh detected in the automated scan.
  • Risk: Piped shell execution (curl | sh) is a high-risk pattern. Because https://cli.inference.sh is not a trusted source according to security policy, this allows an untrusted third party to run arbitrary commands on the host machine. This could lead to malware installation, data exfiltration, or complete system compromise.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:50 PM