Skills
AGENT LAB: SKILLS
skills/inference-sh-3/skills/video-prompting-guide/Gen Agent Trust Hub

video-prompting-guide

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (CRITICAL): The documentation includes the command curl -fsSL https://cli.inference.sh | sh. This pattern is highly dangerous as it executes arbitrary code from the internet without prior inspection or verification of the source. The domain inference.sh is not a recognized trusted source.
  • Dynamic Execution (MEDIUM): The skill configuration allows the agent to use Bash(infsh *), enabling the execution of shell commands. Combined with the installation of untrusted CLI tools, this creates a significant attack surface for local system compromise.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 19, 2026, 03:41 AM