ai-social-media-content

[Skill Scanner] Pipe-to-shell or eval pattern detected This Skill is functionally consistent with its stated purpose (AI social media content generation). The main security concerns are operational: (1) the recommended installation technique (curl https://cli.inference.sh | sh) executes remote code locally and is high-risk if the source is compromised; (2) all calls and credentials are routed through the inference.sh backend (a third-party gateway), which centralizes sensitive data and could be used to harvest credentials or content if the provider or its infrastructure is malicious or compromised; and (3) the skill shows shell tooling and automation that — if granted as agent permissions — increases attack surface. I found no explicit obfuscated code or direct malware inside the provided text/commands, but the supply-chain and credential-exfiltration risks are meaningful. Recommendation: treat inference.sh as a trusted component only after review (verify installer integrity/signatures), prefer package-managed installs or signed releases, audit where credentials are stored and how network calls are routed, and limit agent/tool permissions (avoid broad Bash/inference.sh wildcards). LLM verification: No clear malicious code is present in the provided SKILL.md content; the skill's capabilities match its stated purpose. However there are operational supply-chain risks: the docs instruct users to run a remote install script piped to sh (high-risk install pattern), and all prompts/media/possibly credentials are routed through a single third-party service (inference.sh) with no disclosure about storage, retention, or token handling. Treat the installer and the inference.sh service as high-trust c