Skills
skills/inference-sh-8/skills/google-veo/Gen Agent Trust Hub

google-veo

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads an installation script from https://cli.inference.sh. This is the official domain for the skill vendor's command-line interface.
  • [REMOTE_CODE_EXECUTION]: The instructions provide the command curl -fsSL https://cli.inference.sh | sh to install the infsh utility. This pattern downloads and executes a script directly from the vendor's infrastructure.
  • [COMMAND_EXECUTION]: The skill utilizes the infsh CLI via the Bash tool to perform operations such as logging in and running video generation models (e.g., infsh app run).
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by interpolating user-provided text into a command-line tool's arguments.
  • Ingestion points: User-supplied prompt strings are processed via the --input JSON parameter in SKILL.md.
  • Boundary markers: The input is contained within a JSON object and enclosed in single quotes for shell execution.
  • Capability inventory: The skill executes shell commands via the Bash tool to interact with the vendor's API.
  • Sanitization: There is no explicit sanitization described for the prompt input, relying on the underlying tool for input handling.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 02:29 PM