web-search
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [Unverifiable Dependencies & Remote Code Execution] (CRITICAL): The skill contains instructions to execute `curl -fsSL https://cli.inference.sh | sh`. This pattern downloads and runs a script from a non-whitelisted source directly in the system shell, which can lead to complete host compromise.
- [Indirect Prompt Injection] (HIGH): The skill performs web extraction and search (Exa/Tavily) where the resulting untrusted content is fed directly into LLM prompts in the provided workflows. This lacks sanitization or boundary markers, allowing a malicious website to hijack the agent's logic.
- [Command Execution] (HIGH): The skill requests broad permissions for `Bash(infsh *)`, allowing the agent to execute any functionality provided by the `infsh` CLI, which interacts with hundreds of external applications and increases the overall attack surface.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://cli.inference.sh - DO NOT USE
- AI detected serious security threats
Audit Metadata