Skills
skills/manojbajaj95/gtm-skills/competitor-teardown/Gen Agent Trust Hub

competitor-teardown

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • Remote Code Execution (CRITICAL): The skill downloads a script from a remote URL and pipes it directly into the shell for execution.
  • Evidence: curl -fsSL https://cli.inference.sh | sh was detected.
  • Source: The domain cli.inference.sh is not a trusted source.
  • Risk: This pattern (curl-pipe-sh) is a high-risk security vulnerability as the script content can be modified by the server owner or an attacker to execute malicious commands without any verification or oversight.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 19, 2026, 03:50 PM