image-to-video
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely focused on providing documentation and legitimate command-line examples for the inference.sh service.
- [COMMAND_EXECUTION]: The skill utilizes the
infshCLI tool for media generation and processing. These commands are consistent with the skill's stated purpose and are restricted to the vendor's own ecosystem. - [EXTERNAL_DOWNLOADS]: The skill suggests adding related skills using
npx skills add inference-sh/skills@.... These are official vendor resources and do not represent a security risk. - [INDIRECT_PROMPT_INJECTION]: As a generative AI guide, the skill processes user-provided prompts to create video content. While this is an inherent attack surface for any generative tool, the skill uses structured JSON inputs for the CLI, and no specific vulnerabilities or unsafe interpolation patterns were found.
Audit Metadata