product-hunt-launch
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill explicitly commands the user or agent to run `curl -fsSL https://cli.inference.sh | sh`. This pattern is highly dangerous as it downloads and executes a script directly from an untrusted source without any integrity verification.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill relies on downloading and running various apps from the `inference.sh` registry (e.g., `falai/flux-dev-lora`, `tavily/search-assistant`) and uses `npx skills add` to fetch external logic, creating a significant supply chain risk.
- [COMMAND_EXECUTION] (MEDIUM): Numerous bash commands are executed using the `infsh` tool to generate images and perform web searches, which could be exploited if the underlying CLI or registry is compromised.
- [CREDENTIALS_UNSAFE] (LOW): The presence of the `infsh login` command indicates that the skill involves the collection and management of authentication tokens for a third-party service.
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it ingests untrusted data from external search tools (`tavily`, `exa`) and processes it without sanitization, boundary markers, or instructions to ignore embedded commands. Evidence: 1. Ingestion: `tavily/search-assistant` output. 2. Boundaries: None. 3. Capabilities: Bash and image generation tools. 4. Sanitization: None.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata