Fail
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs users to execute a remote script directly in the shell using `curl -sSL https://canifi.com/skills/linkedin/install.sh | bash`. This pattern is highly dangerous as the content of the script is not verified before execution and could be modified by an attacker at the source.
- [REMOTE_CODE_EXECUTION]: A second instance of piped remote execution is found in the setup instructions: `curl -sSL https://canifi.com/install.sh | bash`.
- [EXTERNAL_DOWNLOADS]: The skill downloads installation and configuration scripts from the external domain canifi.com, which is not a known trusted provider.
- [CREDENTIALS_UNSAFE]: The documentation explicitly guides users to store sensitive LinkedIn credentials (`LINKEDIN_EMAIL` and `LINKEDIN_PASSWORD`) in local environment variables using a custom tool (`canifi-env`). While the skill claims these are only stored locally, they are accessible to any process or agent with environment variable access.
- [COMMAND_EXECUTION]: The skill utilizes a custom CLI tool `canifi-env` for environment management. Using unverified third-party binaries or scripts for credential management increases the risk of local data exposure.
Recommendations
- HIGH: Downloads and executes remote code from: https://canifi.com/install.sh, https://canifi.com/skills/linkedin/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata