og-image-design
Fail
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill executes a command that pipes a remote script directly to a shell:
curl -fsSL https://cli.inference.sh | sh. This is a classic RCE pattern that allows an external attacker to execute arbitrary code on the local system without verification. - [EXTERNAL_DOWNLOADS] (HIGH): The skill downloads code from
cli.inference.sh, which is not a recognized trusted source, creating a major supply chain risk. - [PROMPT_INJECTION] (LOW): The skill processes untrusted external data (Open Graph tags and social metadata) for dynamic content generation, creating a surface for indirect prompt injection. 1. Ingestion points: External OG meta tags, Twitter cards, and LinkedIn previews. 2. Boundary markers: Absent. 3. Capability inventory: Dynamic image generation and text placement based on external metadata. 4. Sanitization: None detected in the provided documentation.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata