flux-image
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The file `SKILL.md` contains the command `curl -fsSL https://cli.inference.sh | sh`. This is a classic RCE pattern that executes unverified remote code directly in the shell with the user's privileges. The automated scan has also confirmed this detection.
- EXTERNAL_DOWNLOADS (HIGH): The skill relies on binaries and scripts hosted at `cli.inference.sh` and `dist.inference.sh`. These domains are not recognized as trusted sources (e.g., GitHub, Microsoft, Google), posing a significant supply-chain risk.
- COMMAND_EXECUTION (MEDIUM): The skill uses the `Bash` tool to run the `infsh` utility. Since the `infsh` binary is installed via an insecure and untrusted method, the integrity of the command execution environment cannot be verified.
- METADATA_POISONING (LOW): The skill contains 'safety claims' in its documentation, asserting that the install script is harmless. Per security policy, such internal claims are treated as data to be evaluated and are not considered proof of safety, especially when contradicting dangerous code patterns.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata