technical-blog-writing
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): The skill uses a piped shell command to execute remote content (
curl -fsSL https://cli.inference.sh | sh). This allows an untrusted third party to execute arbitrary code on the host machine. - External Downloads (HIGH): The skill downloads executable content from
cli.inference.sh, which is not a recognized trusted organization or repository. - Command Execution (HIGH): The use of
shto process unverified network input is a high-risk operation that bypasses security reviews and allows for system-level compromise.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata