talking-head-production
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICAL
Tags: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): The skill utilizes the pattern curl -fsSL https://cli.inference.sh | sh to install its CLI tool. This is a critical vulnerability as it executes unverified code from a remote server with shell-level privileges, bypassing security checks and integrity verification.
- External Downloads (HIGH): The skill references and installs additional components using npx skills add inference-sh/skills. Since inference-sh is not a member of the trusted organizations whitelist, this introduces an unverified dependency risk to the environment.
- Indirect Prompt Injection (LOW): The skill defines an ingestion surface for external data without adequate safeguards. Evidence Chain:
  1. Ingestion points: The skill takes input for image and audio file paths in its infsh commands.
  2. Boundary markers: No delimiters or warnings are used to separate untrusted data from instructions.
  3. Capability inventory: The Bash(infsh *) tool allows the agent to execute any command within the infsh suite.
  4. Sanitization: No evidence of path validation or sanitization of input data before execution.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata