Skills
skills/inferencesh/skills/twitter-thread-creation/Gen Agent Trust Hub

twitter-thread-creation

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): The skill contains the command curl -fsSL https://cli.inference.sh | sh. This pattern downloads and executes code directly from an untrusted web server with no integrity checks or verification.
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill uses npx skills add to pull and execute additional code from the inference-sh organization, which is not in the list of trusted external sources.
  • [COMMAND_EXECUTION] (MEDIUM): The skill requires the Bash(infsh *) permission, granting the agent the ability to execute any command within the inference-sh CLI environment, including potential browser-based data access and search queries.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 18, 2026, 01:16 AM