ai-video-generation
Fail
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The skill instructs the agent to execute 'curl -fsSL https://cli.inference.sh | sh', a high-risk piped execution pattern. This allows the remote host (inference.sh) to execute arbitrary commands on the system, and the script it serves could be modified by an attacker at any time.
- EXTERNAL_DOWNLOADS (HIGH): The skill downloads and installs a binary CLI tool ('infsh') from an unverified domain ('inference.sh') not included in the trusted external sources list. This creates a dependency on an unvetted third-party executable.
- PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection due to how it handles user-provided prompt data.
  1. Ingestion points: Untrusted prompt data is interpolated into the '--input' argument of the 'infsh' command.
  2. Boundary markers: Absent.
  3. Capability inventory: Execution of the 'infsh' binary via the Bash tool.
  4. Sanitization: No sanitization or escaping of the user-provided prompt is performed before execution.
- COMMAND_EXECUTION (LOW): The skill requires access to the 'Bash' tool to execute the 'infsh' binary, the safety of which is contingent on the integrity of the downloaded file.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata