dialogue-audio
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: HIGH | REMOTE_CODE_EXECUTION | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION
Full Analysis
- Remote Code Execution (HIGH): The Quick Start section explicitly recommends the command 'curl -fsSL https://cli.inference.sh | sh'. This method is highly insecure as it executes arbitrary code from an untrusted external source with the user's current shell privileges.
- External Downloads (MEDIUM): The skill utilizes 'npx skills add' to download and install external packages from the 'inference-sh' repository. These dependencies are not from a verified trusted organization and could contain malicious logic.
- Indirect Prompt Injection (LOW): The skill ingests untrusted text data into a JSON prompt field for the Dia TTS tool.
  - Ingestion points: The 'prompt' key within the JSON input in 'SKILL.md'.
  - Boundary markers: Absent.
  - Capability inventory: The 'infsh' tool triggers network operations and audio generation.
  - Sanitization: No evidence of input validation or escaping for the prompt content.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata