agent-tools

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE

Flags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions to install the belt CLI by piping a remote script to the shell (curl -fsSL https://cli.inference.sh | sh). While this is a common convenience pattern, the skill also explicitly documents a secure manual installation method that includes SHA-256 checksum verification and Sigstore signature validation via cosign to ensure binary integrity.
  • [EXTERNAL_DOWNLOADS]: The installation process fetches CLI binaries, manifests, and checksums from cli.inference.sh and dist.inference.sh. These resources are official distribution points for the vendor's own tooling.
  • [COMMAND_EXECUTION]: The skill is designed to execute the belt CLI tool to interact with 250+ AI applications. The execution environment is restricted to the belt command via the allowed-tools frontmatter, preventing broader shell access.
  • [DATA_EXFILTRATION]: The CLI features an automatic local file upload capability when a file path is provided in place of a URL (e.g., belt app run ... --input '{"image": "/path/to/photo.jpg"}'). This is a core feature intended to allow the cloud-based AI models to process local user media.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 19, 2026, 10:00 PM
Security Audit — agent-trust-hub — agent-tools