Skills
skills/belt-sh/cli/belt/Gen Agent Trust Hub

belt

Fail

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill recommends an installation method that downloads a shell script from a remote URL (cli.inference.sh) and pipes it directly to the system shell (sh). This allows for the execution of unverified remote code with the user's local privileges.
  • [EXTERNAL_DOWNLOADS]: The tool includes functionality to dynamically fetch and use code or workflows from external registries and GitHub repositories (belt skill use github.com/user/repo). This enables the agent to execute instructions from untrusted third-party sources.
  • [COMMAND_EXECUTION]: The skill relies on executing the belt CLI tool via Bash. The tool possesses significant capabilities, including local file system access (belt know create), credential management (belt login), and network-based communication with external AI providers.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 12, 2026, 04:11 PM