og-image-design
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): The automated scanner detected the command
curl -fsSL https://cli.inference.sh | sh. This pattern is extremely dangerous as it executes an unverified script from a non-trusted domain directly in the user's shell environment without any opportunity for review. - External Downloads (HIGH): The domain
inference.shis not part of the defined trusted sources list, making the download unverifiable and high-risk. - Command Execution (HIGH): The use of piped shell execution (
| sh) is a high-risk installation method that bypasses security auditing and standard package management controls.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://cli.inference.sh - DO NOT USE
- AI detected serious security threats
Audit Metadata