Skills
skills/inf-sh/skills/talking-head-production/Gen Agent Trust Hub

talking-head-production

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): The command curl -fsSL https://cli.inference.sh | sh is present in the Quick Start section of SKILL.md. This is a critical vulnerability that downloads a script and pipes it directly to the shell, allowing an untrusted third party to execute arbitrary code on the host system without verification.
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill depends on software and CLI tools downloaded from inference.sh. This domain is not included in the list of trusted GitHub organizations or repositories, introducing a significant supply chain risk.
  • [COMMAND_EXECUTION] (MEDIUM): The skill extensively uses the infsh CLI tool via the Bash tool to perform complex operations like video generation and TTS. This represents a broad attack surface if the external tool or its remote backend is compromised.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill features a vulnerability surface for indirect prompt injection as it processes untrusted user strings for audio and video production. Evidence Chain: 1. Ingestion points: prompt and input fields in falai/dia-tts and bytedance/omnihuman-1-5 tool calls. 2. Boundary markers: Absent. 3. Capability inventory: Bash(infsh) used for all production steps. 4. Sanitization: Absent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 18, 2026, 02:01 AM