
agent-tools

Fail

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: HIGH
Flagged categories: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the user/agent to install its CLI tool using a dangerous pattern: fetching a remote script and piping it directly to the shell.
  • Evidence: curl -fsSL https://cli.inference.sh | sh found in SKILL.md and references/authentication.md.
  • [COMMAND_EXECUTION]: The skill relies heavily on the infsh CLI tool to perform various tasks, including running arbitrary cloud-hosted AI applications, searching for apps, and managing authentication.
  • Evidence: infsh app run, infsh login, and other infsh subcommands are the primary interface described in all files.
  • [DATA_EXFILTRATION]: The skill explicitly includes functionality to read local files (images, audio, video) and upload them to the vendor's remote infrastructure for cloud processing.
  • Evidence: Documentation in references/running-apps.md states: 'The CLI automatically uploads local files when you provide a file path instead of a URL'. Example: infsh app run falai/topaz-image-upscaler --input '{"image": "/path/to/photo.jpg", "upscale_factor": 2}'.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes untrusted local data and user-supplied prompts through external AI models without apparent sanitization.
  • Ingestion points: User prompts and local file contents (images, audio) provided via the --input flag in SKILL.md.
  • Boundary markers: Absent; inputs are passed as raw JSON strings or files.
  • Capability inventory: Execution of cloud-based LLMs, image/video generators, and social media automation (Twitter) via the infsh CLI.
  • Sanitization: Not documented; inputs are passed directly to the remote API.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 26, 2026, 02:27 PM