related-skill
Fail
Audited by Gen Agent Trust Hub on Feb 12, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
================================================================================
🔴 VERDICT: HIGH
This skill presents a HIGH risk due to its reliance on downloading and executing unverified external code via npx commands. The npx skills tool, and the skills it installs from the inference.sh registry, are not directly auditable within the provided skill file, posing a significant command execution and external download risk.
Total Findings: 2
🔴 HIGH Findings:
• Unverified Command Execution via npx
- Line 3:
allowed-tools: Bash(npx skills *)Description: The skill explicitly allows and instructs the use ofnpx skills *commands.npxis a Node.js package runner that downloads and executes packages from the npm registry (or other specified registries). This means the skill relies on external, unverified code (skillspackage and the skills it installs frominference.sh) to be downloaded and executed on the user's system. The content of these external packages is not auditable within this skill's definition, posing a significantCOMMAND_EXECUTIONrisk.
🟡 MEDIUM Findings: • External Downloads from Unverified Source
- Line 3:
allowed-tools: Bash(npx skills *)Description: The skill instructs the user to download and install packages frominference.shvianpx skills. Theinference.shdomain is not listed as a trusted external source. Additionally, an image is downloaded fromcloud.inference.sh(Line 9). Whileinference.shis the source of the skill itself, the external nature of these downloads means their content is not directly verifiable during this analysis, leading to anEXTERNAL_DOWNLOADSrisk.
================================================================================
Recommendations
- AI detected serious security threats
Audit Metadata