Content Repurposing
PassAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill is coherent for repurposing content, but it relies on a third-party CLI/login and includes examples that can upload content or publish social posts if run.
Install only if you trust inference.sh and are comfortable logging in. Review every infsh command before running it, especially commands that upload private source material or publish to social accounts.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the quick-start installer would execute code downloaded from inference.sh on the user's machine.
The skill documents installing a third-party CLI through a remote shell script. This is disclosed and purpose-aligned, and the artifact claims checksum verification, but it still requires trusting that provider.
curl -fsSL https://cli.inference.sh | sh && infsh login
Verify the inference.sh installer and checksums, or use the manual install path, before running the command.
If invoked with connected accounts, the agent could run infsh commands that generate assets or publish content.
The skill allows broad infsh CLI use and includes an example that can create a social-media post. This fits the distribution purpose, but users should notice that the tool can perform account actions.
allowed-tools: Bash(infsh *) ... # Post the thread infsh app run x/post-create --input
Require explicit review before any command that posts, publishes, or otherwise changes an external account.
Commands may run under the user's inference.sh account and any connected provider accounts.
The skill expects the user to log into the inference.sh CLI. Account access is expected for the integration, but it is not declared as a primary credential in the registry metadata.
curl -fsSL https://cli.inference.sh | sh && infsh login
Use an account with appropriate permissions and review connected-service access before publishing or uploading content.
Podcast audio or other source material may be uploaded to third-party inference apps for processing.
The skill includes a provider call that uses a local audio file as input. This is normal for transcription/content repurposing, but it means selected source content may leave the local environment.
infsh app run <stt-app> --input '{
"audio": "episode-42.mp3"
}'Avoid using confidential or restricted content unless the provider's handling and permissions are acceptable.