product-hunt-launch

Warn

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation refers users to an external GitHub repository (inference-sh) to download and install the infsh CLI tool. This is an unverified third-party dependency.
  • [REMOTE_CODE_EXECUTION]: The skill includes commands to install additional skills using npx skills add. These skills are fetched from the inference-sh organization, which is not a verified vendor.
  • [DATA_EXFILTRATION]: User-provided prompts and search queries are sent to external services (including Fal.ai, Tavily, and Exa) via the infsh tool. While consistent with the skill's purpose, this represents data transmission to third-party endpoints.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted search results from the web.
  • Ingestion points: Search results from tavily/search-assistant and exa/search are incorporated into the agent's context.
  • Boundary markers: No explicit boundary markers or delimiters are used to separate untrusted search data from system instructions.
  • Capability inventory: The skill utilizes the infsh CLI tool to run various AI applications based on instructions.
  • Sanitization: No evidence of sanitization or filtering of external search content is present.
  • [METADATA_POISONING]: A suspicious inconsistency (typosquatting indicator) was found between SOURCE.md and SKILL.md. The source metadata references inferen-sh (missing the 'ce'), while the skill body and GitHub links reference inference-sh. This pattern is characteristic of attempts to impersonate legitimate services.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 2, 2026, 07:02 AM
Security Audit — agent-trust-hub — product-hunt-launch