ai-marketing-videos
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): Found `curl -fsSL https://cli.inference.sh | sh`. This pattern downloads and executes a script from an untrusted domain directly in the host shell without verification, allowing for immediate system compromise.
- EXTERNAL_DOWNLOADS (HIGH): The skill utilizes `npx skills add` to install and execute additional code from `inferencesh/skills`. As this source is not in the trusted scope, it represents an unverifiable dependency risk.
- PROMPT_INJECTION (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8).
  - Ingestion points: User-provided text prompts for video generation (e.g., in the 'Complete Ad Workflows' section).
  - Boundary markers: Absent; inputs are directly interpolated into JSON-formatted bash arguments.
  - Capability inventory: Command execution via the `infsh` CLI using `Bash(infsh *)` permissions.
  - Sanitization: Absent. A malicious prompt could escape the shell command or the JSON structure to execute arbitrary code.
- COMMAND_EXECUTION (HIGH): The skill extensively uses shell commands where user-controlled prompts are interpolated into double-quoted strings (e.g., `infsh ... --input "{...$section...}"`). This lack of sanitization and reliance on high-privilege shell access provides a significant attack vector.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://cli.inference.sh - DO NOT USE
- AI detected serious security threats
Audit Metadata