ai-avatar-video
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- Remote Code Execution (CRITICAL): The skill instructs the user and the agent to install a CLI tool using `curl -fsSL https://cli.inference.sh | sh`. This method is inherently dangerous as it executes unverified code from a non-trusted domain (inference.sh) with the permissions of the current user.
- External Downloads (HIGH): The skill relies on external software from inference.sh, which is not included in the allowed list of trusted GitHub repositories or organizations.
- Indirect Prompt Injection (LOW): The skill is susceptible to data-driven attacks as it processes untrusted URLs for images and audio without sanitization. Evidence:
  1. Ingestion points: `image_url` and `audio_url` in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: `infsh` command execution in SKILL.md.
  4. Sanitization: Absent.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata