infsh-cli

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the user to install the CLI using a piped-to-shell command: curl -fsSL https://cli.inference.sh | sh. This executes a script fetched from the vendor's domain directly in the environment.
  • [EXTERNAL_DOWNLOADS]: The installation process (both automated and manual) involves downloading binary files, manifests, and checksums from dist.inference.sh and cli.inference.sh.
  • [DATA_EXFILTRATION]: The skill documents a 'Local File Uploads' feature where the belt CLI automatically detects local file paths provided in model inputs and uploads them to the vendor's cloud infrastructure. This functionality creates a surface for potential data exposure if an agent is manipulated into passing sensitive local paths (such as keys or configuration files) as input to the tool.
      • Ingestion points: Command-line arguments for the belt app run command (specifically the --input flag described in SKILL.md and references/running-apps.md).
      • Boundary markers: None identified in the provided documentation.
      • Capability inventory: File read and network upload capabilities via the belt CLI tool executed through the Bash tool (restricted to the belt prefix in frontmatter).
      • Sanitization: No specific sanitization or validation of the file paths provided by the agent is described in the documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 19, 2026, 07:48 AM