AGENT LAB: SKILLS

explainer-video-guide

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The skill provides a 'Quick Start' command (curl -fsSL https://cli.inference.sh | sh) that downloads a remote script and executes it immediately with current user privileges. This is a dangerous pattern as it provides no opportunity to verify the script's contents before execution and could be used to deliver malware.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The 'Related Skills' section uses npx skills add to download and install additional skills from the inference-sh repository. These dependencies are not from the defined list of trusted sources and represent unvetted remote code execution.
  • [COMMAND_EXECUTION] (LOW): The skill relies on executing the infsh CLI tool via shell commands throughout the guide to perform video and audio generation tasks.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection due to how it handles data interpolation.
      • Ingestion points: Multiple bash blocks in SKILL.md where user-controlled prompts are passed to the --input flag of the infsh tool.
      • Boundary markers: None. User input is directly placed within the JSON string of the shell command.
      • Capability inventory: The skill calls infsh, which executes subprocesses and performs network operations.
      • Sanitization: None detected. The prompts are used as-is in command-line arguments.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 19, 2026, 02:39 AM