Skills
skills/inferencesh/agent-skills/product-photography/Gen Agent Trust Hub

product-photography

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • Remote Code Execution (CRITICAL): Automated scanning detected the command 'curl -fsSL https://cli.inference.sh | sh'. This pattern downloads a script and executes it immediately in the shell, which is a classic RCE vector.
  • External Downloads (HIGH): The URL 'https://cli.inference.sh' is not a trusted source according to the provided security policy, making the downloaded content unverified.
  • Command Execution (HIGH): Piping directly to 'sh' provides the remote code with full execution privileges on the user machine without any isolation or content validation.
Recommendations
  • CRITICAL: Downloads and executes remote code from untrusted source(s): https://cli.inference.sh - DO NOT USE
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 16, 2026, 07:47 AM