ai-voice-cloning
Fail
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documentation provides an installation command 'curl -fsSL https://cli.inference.sh | sh'. This facilitates the download and execution of a setup script from the vendor's infrastructure to install the official CLI tool.
- [EXTERNAL_DOWNLOADS]: The CLI installation process involves downloading binaries and verifying checksums from 'dist.inference.sh', which is a domain controlled by the vendor.
- [COMMAND_EXECUTION]: The skill makes extensive use of the 'infsh' CLI tool to execute various AI models for voice synthesis, media merging, and video processing.
- [PROMPT_INJECTION]: The skill processes user-supplied text for speech generation, representing a surface for indirect prompt injection.
  - Ingestion points: The 'text' field within the JSON input for 'infsh app run' commands (found in SKILL.md).
  - Boundary markers: Data is structured within JSON objects.
  - Capability inventory: The skill utilizes shell command execution via the 'infsh' tool to interact with remote AI applications.
  - Sanitization: No specific sanitization or escaping of the input text is described in the skill instructions.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata