data-visualization
Fail
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides a quick-start command that pipes a remote shell script from the vendor's domain (
cli.inference.sh) directly into the system shell. This is a standard installation method for the author's primary toolset.\n- [EXTERNAL_DOWNLOADS]: The installation process involves fetching software binaries and verification checksums from the vendor's distribution infrastructure (dist.inference.sh).\n- [COMMAND_EXECUTION]: The skill utilizes theinfshcommand-line utility to run data processing and visualization tasks through its specialized apps.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where external data is passed as input to code execution environments (infsh/python-executorandinfsh/html-to-image).\n - Ingestion points: Data enters the skill via the
--inputargument in theinfsh app runcommands used for chart generation.\n - Boundary markers: No specific delimiters or safety instructions are provided to separate the visualization logic from potentially untrusted input data.\n
- Capability inventory: The skill can execute arbitrary Python code (using
matplotlibandnumpy) and render HTML to images, providing a execution pathway for instructions embedded in data.\n - Sanitization: The skill documentation does not describe any validation or escaping mechanisms to prevent malicious content in the data from influencing the execution environment.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata