Skills
skills/inference-sh-3/skills/ai-video-generation/Gen Agent Trust Hub

ai-video-generation

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides an installation command curl -fsSL https://cli.inference.sh | sh which pipes a remote script into the shell. This is a common installation pattern for CLI tools and originates from the vendor's official domain.
  • [EXTERNAL_DOWNLOADS]: The skill references binary downloads from dist.inference.sh for CLI installation and verification. These resources are hosted on the vendor's infrastructure.
  • [COMMAND_EXECUTION]: The skill utilizes the infsh command to interact with various AI models. The execution environment is appropriately restricted via the allowed-tools frontmatter, limiting the agent to the infsh command only.
  • [PROMPT_INJECTION]: The skill processes user-supplied prompts and media URLs as arguments to the infsh CLI.
  • Ingestion points: Command-line arguments in SKILL.md (e.g., --input).
  • Boundary markers: None explicitly defined in the prompt instructions.
  • Capability inventory: Execution of the infsh CLI tool via Bash.
  • Sanitization: Not present in the skill instructions; however, this is standard behavior for a tool-based skill and does not indicate malicious intent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 25, 2026, 01:02 AM