customer-persona
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Remote Code Execution (CRITICAL): The skill is configured to download and execute code using 'curl -fsSL https://cli.inference.sh | sh'. This pattern allows an unverified external server to execute arbitrary commands on the agent host.
- External Downloads (HIGH): The skill connects to 'cli.inference.sh', which is not a trusted source according to the security guidelines, to retrieve executable scripts.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata