Skills
skills/sickn33/antigravity-awesome-skills/hugging-face-cli/Gen Agent Trust Hub

hugging-face-cli

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches installation scripts and configuration files from official Hugging Face domains (hf.co) and public GitHub repositories.
  • [REMOTE_CODE_EXECUTION]: Provides instructions to download and execute shell scripts for tool installation. Additionally, it documents the hf jobs functionality, which enables running scripts (via URL or local path) on Hugging Face compute infrastructure.
  • [COMMAND_EXECUTION]: Exposes comprehensive CLI commands for managing Hugging Face repositories, inference endpoints, and compute jobs.
  • [DATA_EXFILTRATION]: Facilitates the upload of local files and folders to the Hugging Face Hub, which is the tool's primary intended data management purpose.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by ingesting data from external repositories on the Hugging Face Hub.
  • Ingestion points: hf download, hf datasets info, and hf papers read in SKILL.md.
  • Boundary markers: Absent; no specific delimiters are defined to isolate untrusted data from instructions.
  • Capability inventory: Full suite of hf CLI tools for repository management and script execution.
  • Sanitization: Absent; the skill does not specify validation or filtering for downloaded content.
Recommendations
  • INFO: Downloads code from trusted source(s): https://raw.githubusercontent.com/huggingface/hf-mount/main/install.sh
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 09:36 PM