google-veo
Fail
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill recommends installing the Inference.sh CLI by piping a remote script directly to the shell (
curl -fsSL https://cli.inference.sh | sh). This pattern allows for arbitrary code execution on the user system from an external source without prior verification. - [COMMAND_EXECUTION]: The skill uses the
Bashtool to run theinfshcommand and provides multiple examples of executing shell commands to interact with the Inference.sh platform. - [EXTERNAL_DOWNLOADS]: The installation process involves downloading binary executables from
dist.inference.sh. While the documentation claims the script verifies SHA-256 checksums, this verification logic itself resides in the unverified remote script. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface. Ingestion points: User prompts are passed as arguments to the
infshCLI inSKILL.md. Boundary markers: No specific delimiters or instructions are used to separate user prompts from command logic. Capability inventory: The skill has access to theinfshtool via theBashcommand as specified inSKILL.md. Sanitization: No input sanitization or escaping is performed on the user-provided prompt string.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata