ai-video-generation
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The skill documentation includes the command 'curl -fsSL https://cli.inference.sh | sh', which executes a remote script from an untrusted domain directly in the shell. This pattern allows for immediate and full system compromise.
- COMMAND_EXECUTION (HIGH): The skill requests broad shell execution privileges for the infsh binary (allowed-tools: Bash(infsh *)).
- EXTERNAL_DOWNLOADS (MEDIUM): The skill encourages the installation of further unverified code via 'npx skills add inference-sh/skills@...', which can pull code from unverified third-party repositories.
- PROMPT_INJECTION (LOW): The skill exposes an indirect prompt injection surface by passing untrusted external data (prompts and URLs) to the infsh CLI without sanitization.
  - Ingestion points: prompt and image_url fields in various examples in SKILL.md.
  - Boundary markers: Absent.
  - Capability inventory: Bash(infsh *) allowing local command execution.
  - Sanitization: None observed in the instructions or tool definitions.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata