ai-video-generation
Fail
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides an installation command that fetches a setup script from https://cli.inference.sh and pipes it directly to the shell. This is the vendor-provided method for installing the required CLI tool.
- [COMMAND_EXECUTION]: The skill is configured to allow the agent to execute infsh commands via the Bash tool, enabling interaction with the video generation platform.
- [EXTERNAL_DOWNLOADS]: The installation process involves downloading platform-specific binaries from dist.inference.sh, which are verified via checksums.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by interpolating user-provided prompts and media URLs into shell commands. 1. Ingestion points: prompt and URL fields in the infsh app run examples in SKILL.md. 2. Boundary markers: Single quotes are used to wrap JSON payloads in bash commands. 3. Capability inventory: The skill allows the use of the Bash tool for the infsh command. 4. Sanitization: No explicit sanitization is performed on user inputs before they are passed to the shell.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata