twitter-thread-creation
Fail
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides a command to execute a shell script directly from a remote URL using
curl -fsSL https://cli.inference.sh | sh. This pattern is used for installing the CLI tool necessary for the skill's operation. - [EXTERNAL_DOWNLOADS]: The skill's installation process fetches binary files and checksums from
dist.inference.sh. - [COMMAND_EXECUTION]: The skill relies on the
Bashtool to runinfshcommands, enabling the agent to manage authentication, execute research tasks, and post content to social media. - [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection. It ingests untrusted data from the web via
tavily/search-assistantandinfsh/agent-browser. This data is then used in the context of generating social media content. The absence of explicit boundary markers or sanitization logic means malicious instructions embedded in web search results could potentially influence the agent's behavior or the generated output.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata