video-ad-specs

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The skill contains instructions to run curl -fsSL https://cli.inference.sh | sh. This is a high-risk piped execution pattern: the downloaded script is passed straight to the shell, so an untrusted remote server can execute arbitrary code in the agent's environment without verification.
  • EXTERNAL_DOWNLOADS (HIGH): The skill facilitates the installation of the infsh CLI and additional components from inference.sh, which is not a verified trusted source. It also uses npx to add unverified remote skills.
  • COMMAND_EXECUTION (MEDIUM): The skill relies on the Bash tool to execute several complex infsh commands. While necessary for the skill's purpose, this provides a surface for command injection.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill interpolates user-controlled prompts directly into shell command arguments. Evidence:
      1. Ingestion points: JSON prompt values in infsh app run commands.
      2. Boundary markers: Absent; user input is not delimited from command structure.
      3. Capability inventory: The skill utilizes shell execution and network access.
      4. Sanitization: No sanitization or escaping of user-provided content is implemented.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 19, 2026, 01:09 AM