ai-podcast-creation

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requests permission to execute shell commands via the infsh CLI. This is used to interact with the inference.sh platform for text-to-speech, music generation, and audio editing functions.
  • [EXTERNAL_DOWNLOADS]: The skill's documentation suggests installing additional tools and skills from the vendor's official repository (inference-sh/skills) using the npx command.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection in the 'NotebookLM-Style Content' workflow, where documents are converted into scripts.
  • Ingestion points: External document content is interpolated into the prompt for the openrouter/claude-sonnet-45 tool in SKILL.md.
  • Boundary markers: The prompt template lacks clear delimiters or protective instructions to separate the untrusted document content from the script-writing instructions.
  • Capability inventory: The skill possesses the capability to execute shell commands (infsh) and various AI processing tools.
  • Sanitization: No input validation or sanitization is performed on the provided document content before it is processed by the LLM.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 09:31 PM