video-prompting-guide

The file is a benign user guide for composing AI video prompts and using a cloud CLI (infsh). It does not contain embedded malware, hard-coded credentials, or obfuscated code. The main security concerns are supply-chain and data-exfiltration risks introduced by recommended workflows: pipe-to-shell installer, downloading binaries from service domains, installing npm packages via npx without pinned hashes, and granting broad allowed-tool permissions that enable arbitrary CLI actions. These are operational risks that can be mitigated with signed artifacts, pinned versions, tighter agent/tool permissions, and clear documentation of data collection.