// gh-actions package
inference-gateway/infer-action
Github action for the Infer CLI
// exfil path
what is read → where it ships
- ● GitHub PAT
- ● AI API keys
- ⚙ curl | bash (fetches + executes remote payload)
→ The static analyzer detected the curl-pipe-bash pattern: the install path plainly shows a remote-code-execution shape.
- @2026-06-06T18:21:57 · AUTO-PUBLISHED · publisher: inference-gateway · heuristic 42/100 · static flags 3 · llm malicious (0.95) via fast-track · new-publisher:16d · has-source-repo · publisher-version-pump:7 · reads-github-tokens · reads-ai-api-keys · curl-pipe-bash
// offending code · 1 file flagged · patterns: 3
--- action.yml ---
name: "Infer Agent Action"
description: "Run Infer CLI agent on GitHub issues with support for multiple AI providers, automatic pull request creation, and progress tracking"
author: "Inference Gateway"
branding:
  icon: "cpu"
  color: "blue"
inputs:
  github-token:
    description: "GitHub token for posting comments and accessing API"
    required: true
  github-app-slug:
    description: |
      Slug of the GitHub App whose bot identity should author the agent's
      commits (e.g. "infer-bot"). When set, commits are attributed to
      "<slug>[bot]" and the numeric id is resolved via GET /users/{slug}[bot]
      (which works with an App installation token, unlike GET /user). Falls
      back to github-actions[bot] when empty or if the lookup fails.
    required: false
    default: ""
  trigger-phrase:
    description: "Phrase to trigger the agent (e.g., @infer)"
    required: false
    default: "@infer"
  direct-prompt:
    description: |
      Free-text task to run directly, bypassing issue/comment trigger
      detection. When non-empty, the agent runs against this text instead of
      an issue or comment body, so the action works under `workflow_dispatch`
      (or any event) with no issue/PR thread required. In this mode the agent
      commits to a new branch and opens a PR (honoring
      `enable-git-operations`), and the result plus PR link are written to the
      job summary. A `/model` override embedded in the text is honored, as in
      event-driven mode. Leave
