Skills
skills/inference-sh-8/skills/text-to-speech/Gen Agent Trust Hub

text-to-speech

Fail

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides a command (curl -fsSL https://cli.inference.sh | sh) that pipes a script from a remote vendor-controlled domain directly to the shell for installation.
  • [COMMAND_EXECUTION]: Functionality is implemented using the infsh tool, which is granted permission in the skill's metadata.
  • [EXTERNAL_DOWNLOADS]: The skill and its associated CLI tool fetch binary updates and application data from vendor domains such as dist.inference.sh and cloud.inference.sh.
  • [PROMPT_INJECTION]: The skill processes untrusted input strings for speech synthesis (SKILL.md). Ingestion points: Text passed via the --input flag. Boundary markers: None. Capability inventory: Interaction with the infsh binary. Sanitization: None described.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 19, 2026, 01:43 PM