ai-music-generation

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The skill instructions explicitly direct users to execute 'curl -fsSL https://cli.inference.sh | sh'. This is a known malicious pattern where code is downloaded from an untrusted domain and executed with shell privileges without local verification or auditing.
  • EXTERNAL_DOWNLOADS (HIGH): The skill depends on binaries and scripts hosted on 'inference.sh' and 'dist.inference.sh'. Neither of these domains is on the approved list of trusted sources (such as official GitHub organizations or package registries), posing a risk of supply chain compromise.
  • COMMAND_EXECUTION (MEDIUM): The 'allowed-tools' section grants the agent permission to execute any bash command starting with 'infsh'. This provides a significant attack surface; if an attacker can influence the 'prompt' or 'input' fields through indirect injection, they could potentially escape the intended command context and execute unauthorized actions on the host system.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 19, 2026, 08:13 PM