newsletter-curation

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • Remote Code Execution (HIGH): The skill instructs the user to run curl -fsSL https://cli.inference.sh | sh. This is a high-risk 'piped to shell' pattern that executes unverified code from a non-trusted domain.
  • External Downloads (MEDIUM): The skill uses npx skills add to install additional logic from inferencesh/skills, which is an untrusted registry according to the established trust scope.
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and curate data from external search tools (tavily/search-assistant and exa/search).
      • Ingestion points: Search results are directly formatted into newsletter templates in SKILL.md.
      • Boundary markers: The templates do not use delimiters or warnings to ignore embedded instructions in the search data.
      • Capability inventory: The skill has access to shell commands via Bash(infsh *) and social media posting via x/post-create.
      • Sanitization: No escaping or validation is performed on the ingested content.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 19, 2026, 03:51 PM