Skills
skills/1nfsh-s3/skills/speech-to-text/Gen Agent Trust Hub

speech-to-text

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • Remote Code Execution (CRITICAL): The skill contains instructions to execute code directly from a remote URL using the piped command curl -fsSL https://cli.inference.sh | sh. This pattern is highly dangerous as it grants the remote server full control over the execution environment.
  • External Downloads (HIGH): The skill downloads and executes binaries from cli.inference.sh and dist.inference.sh. Neither of these domains is on the 'Trusted External Sources' list, making the provenance and integrity of the code unverifiable.
  • Command Execution (MEDIUM): The skill requires access to the Bash tool to run the infsh command and its subcommands, which are used to interact with external APIs and local data.
  • Indirect Prompt Injection (LOW): The skill processes external audio and video URLs (audio_url, video_url). While primarily a data ingestion surface, malicious content or metadata in these files could theoretically influence the agent's behavior if the output is not properly sanitized.
  • Ingestion points: audio_url, video_url parameters in infsh app run commands.
  • Boundary markers: None present in the provided shell examples.
  • Capability inventory: Bash execution, file reading (implied by input redirection), and network communication to inference.sh.
  • Sanitization: No evidence of sanitization or validation of the remote URLs before processing.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 19, 2026, 08:01 PM