storyboard-creation

Fail

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill recommends installing its CLI tool via curl -fsSL https://cli.inference.sh | sh. This pattern is highly risky because it executes arbitrary code from the internet without prior inspection, which could lead to a full system compromise if the source is compromised.
  • [EXTERNAL_DOWNLOADS]: The installation process downloads a binary from dist.inference.sh. While the skill mentions SHA-256 verification, this remains an external dependency managed outside the skill's environment and the official package registries.
  • [COMMAND_EXECUTION]: The skill makes extensive use of the infsh command to run remote applications and process images. This tool must be pre-installed and authorized, and its usage involves executing shell commands based on the skill's instructions.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It passes user-provided text (descriptions, shot details) into prompts sent to an AI image generation model (falai/flux-dev-lora) without sanitization or boundary markers.
      • Ingestion points: Prompt parameters within the infsh app run commands in SKILL.md.
      • Boundary markers: None present to distinguish instructions from user data.
      • Capability inventory: Execution of infsh CLI tool for remote application runs and image processing.
      • Sanitization: No escaping or validation is performed on the user-provided prompt strings.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 25, 2026, 01:02 AM