landing-page-design
Fail
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill facilitates remote code execution by instructing the user to run 'curl -fsSL https://cli.inference.sh | sh'. This pattern allows a third-party server to execute arbitrary commands on the local system without prior inspection or verification.
- [EXTERNAL_DOWNLOADS]: The skill downloads the 'infsh' CLI binary and uses 'npx' to dynamically add further skills from the 'inference-sh' repository. These external components are fetched and executed at runtime, bypassing standard package verification workflows.
- [COMMAND_EXECUTION]: The skill uses the 'Bash' tool to execute the 'infsh' CLI, which manages interactions with external AI providers and research assistants, performing operations based on the skill's instructions.
- [PROMPT_INJECTION]: The skill processes untrusted data from the 'tavily/search-assistant' tool to research competitor landing pages. This ingestion point lacks explicit boundary markers or sanitization, creating a surface for indirect prompt injection if external search results contain malicious instructions designed to influence the agent's behavior.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats