video-ad-specs
Fail
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): The skill's 'Quick Start' section includes the command
curl -fsSL https://cli.inference.sh | sh. This is a highly insecure pattern that downloads a script from an untrusted remote server and executes it directly with shell privileges, allowing for full system compromise. \n- Unverifiable Dependencies (MEDIUM): The 'Related Skills' section usesnpx skills addto download and install additional skills frominference-sh/skills. These external components are not from a trusted organization and could contain malicious code. \n- Command Execution (LOW): The skill is configured withallowed-tools: Bash(infsh *), which grants the agent permission to execute any subcommand of theinfshutility. While this is the intended use of the skill, it represents a significant capability that must be monitored. \n- Indirect Prompt Injection (LOW): The skill ingests untrusted user data into JSON payloads for theinfshCLI without explicit boundary markers or sanitization logic. \n - Ingestion points: The
--inputJSON strings in allinfsh app runcommands. \n - Boundary markers: None present. \n
- Capability inventory: Execution of various remote AI apps via the
infshbash command. \n - Sanitization: None detected in the instructions.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata