Skills
skills/tul-sh/skills/app-store-screenshots/Gen Agent Trust Hub

app-store-screenshots

Fail

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides an installation command curl -fsSL https://cli.inference.sh | sh which downloads and executes a shell script directly from a remote server. This pattern bypasses manual inspection of the code before it runs on the local system.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute infsh commands for logging in and running remote AI model tasks. This involves executing local commands to interact with an external API.
  • [EXTERNAL_DOWNLOADS]: The skill's installation process fetches binary files from dist.inference.sh. While the documentation claims SHA-256 verification is performed, the integrity of the process depends on the security of the vendor's distribution infrastructure.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 4, 2026, 12:29 PM