Skills
skills/inference-sh/skills/agent-tools/Gen Agent Trust Hub

agent-tools

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to download and install a CLI tool from https://cli.inference.sh. It also references binaries and checksums from https://dist.inference.sh. These are the vendor's own official domains and are considered legitimate for this skill's purpose.
  • [REMOTE_CODE_EXECUTION]: The skill suggests installing the CLI via curl -fsSL https://cli.inference.sh | sh. While piping remote scripts to a shell is generally a high-risk pattern, in this context it is the vendor's official installation method. The skill also provides a manual installation alternative with SHA-256 checksum verification and Sigstore signature verification to mitigate risks.
  • [COMMAND_EXECUTION]: The skill uses Bash(belt *) to execute CLI commands. These commands interact with the belt CLI to run AI models, list apps, and manage tasks. These operations are consistent with the skill's stated purpose of providing an interface to the inference.sh platform.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 07:48 AM
Security Audit — agent-trust-hub — agent-tools