ai-podcast-creation

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs users to install the infsh command-line tool by piping a script from https://cli.inference.sh directly to the shell (sh). This pattern executes remote code on the local system. The script originates from the vendor's own infrastructure and is the documented method for installation.
  • [EXTERNAL_DOWNLOADS]: The installation script downloads binaries and checksums from dist.inference.sh to provide the CLI functionality.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute infsh commands, which orchestrate various AI tasks like text-to-speech conversion, music generation, and audio merging.
  • [PROMPT_INJECTION]: The skill demonstrates processing external data (e.g., <your-document-content>) by passing it into LLM prompts and TTS models, creating an indirect injection surface.
      • Ingestion points: Data is ingested via command-line arguments in the SKILL.md examples.
      • Boundary markers: No explicit delimiters or 'ignore' instructions are used in the prompt examples to separate untrusted data from agent instructions.
      • Capability inventory: The skill is restricted to the Bash(infsh *) tool set.
      • Sanitization: No input sanitization or filtering is visible in the provided workflows.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 01:02 AM