video-ad-specs
Fail
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: HIGH
Categories: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The installation instructions utilize the pattern `curl -fsSL https://cli.inference.sh | sh`. Piping remote content directly into a shell is a high-risk operation that allows for arbitrary code execution on the user's system, potentially leading to full system compromise if the remote source is compromised or the network connection is intercepted.
- [COMMAND_EXECUTION]: The skill extensively uses the `infsh` CLI tool via Bash to interact with external AI models and perform file operations such as merging video/audio and burning captions. This creates a dependency on an external binary whose behavior is determined at runtime by remote server responses.
- [EXTERNAL_DOWNLOADS]: The skill references several external resources and encourages the installation of additional skills via `npx` from the `inference-sh` scope on the NPM registry.
- [PROMPT_INJECTION]: The skill provides templates for generating video content where user-controlled strings are interpolated into CLI arguments for remote AI models. This surface is vulnerable to indirect prompt injection.
  - Ingestion points: Prompt fields within CLI examples in SKILL.md.
  - Boundary markers: Commands use JSON objects wrapped in single-quoted shell arguments.
  - Capability inventory: Execution of various AI models (google/veo, bytedance/seedance) and local file manipulation tools.
  - Sanitization: No evidence of input validation or character escaping for the prompt content is present in the skill documentation.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats