Skills
AGENT LAB: SKILLS
skills/inference-sh-4/skills/ai-marketing-videos/Gen Agent Trust Hub

ai-marketing-videos

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The skill instructions include curl -fsSL https://cli.inference.sh | sh. This pattern downloads and executes a shell script from an untrusted domain directly, which can lead to complete host compromise.
  • EXTERNAL_DOWNLOADS (HIGH): The skill downloads tools from inference.sh and uses npx to add additional unverified skills from inference-sh/skills, none of which are on the trusted sources list.
  • COMMAND_EXECUTION (HIGH): The skill relies on arbitrary command execution via the Bash tool for core operations including system login, package installation, and multi-step media processing workflows.
  • PROMPT_INJECTION (LOW): An indirect prompt injection surface is created in the explainer video workflow where model-generated output (script.json from Claude-4.5) is used to drive subsequent tool calls without sanitization. Evidence Chain: 1. Ingestion points: script.json generated by an external model. 2. Boundary markers: Absent. 3. Capability inventory: Shell access via infsh and Bash tool. 4. Sanitization: None.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 18, 2026, 10:58 PM