ai-automation-workflows

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains multiple surfaces for indirect prompt injection.
  • Ingestion points: The conditional_workflow.sh script ingests command-line arguments, and data_processing.sh reads the entire content of external text files.
  • Boundary markers: No delimiters or explicit instructions to ignore embedded commands are used when interpolating this data into prompts.
  • Capability inventory: The skill can execute various AI models via the infsh tool and perform network requests via curl.
  • Sanitization: There is no evidence of validation or escaping of external content before it is processed by AI models.
  • [EXTERNAL_DOWNLOADS]: The documentation references an external installation script for the CLI tool hosted on the vendor's repository: https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md.
  • [COMMAND_EXECUTION]: The provided templates rely on executing system commands through Bash scripts and the Python subprocess module to orchestrate AI tasks.
  • [DATA_EXFILTRATION]: The skill includes a monitored_workflow.sh example that demonstrates sending command execution results and error logs to an external webhook URL using curl.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 04:19 PM