
ai-content-pipeline

Fail

Audited by Socket on Feb 19, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Pipe-to-shell or eval pattern detected

No explicit malware or obfuscated backdoor code is present in the provided documentation. The primary risks are operational: installing a remote script via curl|sh, centralizing content and credentials through the inference.sh CLI (an intermediary), and permissive tool allowances that could transmit arbitrary user data to many third‑party services. For sensitive or private content, treat the infsh CLI and its endpoints as a high‑trust component, review its installation script and privacy/retention policies, and avoid piping remote installers without auditing. Overall classification: suspicious (architectural/data‑exfiltration risk) rather than clearly malicious.

LLM verification: The document is legitimate-looking orchestration documentation for building AI media pipelines and does not contain direct code-level malware indicators in the provided file. However, it instructs a high-risk installation pattern (curl | sh) and centralizes all service interactions through a single gateway (inference.sh), which creates a realistic supply-chain risk: credential exposure and data exfiltration if the gateway or installer is malicious or compromised. Treat the installer and gateway

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 19, 2026, 03:40 AM
Package URL: pkg:socket/skills-sh/inference-sh-3%2Fskills%2Fai-content-pipeline%2F@c1227702d916245b71cfccc05cece571eb33db6d