image-to-video

Fail

Audited by Socket on Feb 25, 2026

1 alert found:

Malware (HIGH)
SKILL.md

This skill is a documentation/guide that relies on a third-party CLI (infsh) and multiple remote model providers. The main security concerns are supply-chain and data-exfiltration patterns: a curl|sh installer that downloads and executes remote code, remote binaries fetched from dist.inference.sh, and example flows that upload local images and use CLI-held credentials to call third-party inference apps. There are no hardcoded secrets or obvious obfuscated/malicious payloads in the text itself, but the installation and execution pattern is high-risk and centralizes credential and data flow to external services. Recommend avoiding piping unknown install scripts to shell, performing manual checksum verification before executing installers, and reviewing the infsh CLI source or using alternative local/self-hosted tooling if image privacy or strict supply-chain assurance is required.

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 25, 2026, 05:42 PM
Package URL: pkg:socket/skills-sh/inference-sh-9%2Fskills%2Fimage-to-video%2F@51bb8427e91bc0a7fedd165b5b0f725f58050690