ai-video-generation

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE · PROMPT_INJECTION · COMMAND_EXECUTION · EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the infsh CLI tool to execute AI model workloads. Execution is limited to that specific command by the allowed-tools restriction in the frontmatter.
  • [EXTERNAL_DOWNLOADS]: The documentation suggests installing additional related skills from the inference-sh organization using npx skills add. These are vendor-owned resources and are part of the intended functionality.
  • [PROMPT_INJECTION]: The skill processes untrusted data, which creates a surface for indirect prompt injection.
    • Ingestion points: The skill accepts user-provided strings for prompt and external URLs for image_url, video_url, and audio_url within the JSON input to the infsh command.
    • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the provided examples.
    • Capability inventory: The skill can execute shell commands via the infsh tool, which interacts with remote AI services.
    • Sanitization: There is no evidence of input sanitization or validation for the URLs or prompt content within the skill instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 27, 2026, 02:29 PM