ai-voice-cloning
Fail
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The documentation instructs the user to run 'curl -fsSL https://cli.inference.sh | sh', a high-risk pattern that executes unverified remote scripts with the user's permissions.
- [EXTERNAL_DOWNLOADS]: The skill's functionality is dependent on downloading software from 'cli.inference.sh' and 'dist.inference.sh', which are not recognized as trusted or well-known services.
- [COMMAND_EXECUTION]: The skill uses the 'infsh' command through the Bash tool. Although restricted to the 'infsh' binary, the examples provided include shell features like file output redirection ('>'), which expands the potential impact on the local file system.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata