ai-voice-cloning

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • Remote Code Execution (CRITICAL): The command curl -fsSL https://cli.inference.sh | sh downloads and executes a script from an untrusted domain directly in the shell. This pattern is highly susceptible to supply chain attacks.
  • Remote Code Execution (MEDIUM): The instructions use npx skills add inferencesh/skills@..., which downloads and executes code from an unverified NPM organization.
  • Command Execution (MEDIUM): The skill requires the Bash tool for running infsh commands, creating a potential vector for command injection.
  • External Downloads (HIGH): Software is downloaded from the inference.sh domain, which is not on the list of trusted providers.
  • Indirect Prompt Injection (LOW): The skill processes external text input for voice synthesis without proper sanitization.
      • Ingestion points: The text field in JSON inputs for infsh app run in SKILL.md.
      • Boundary markers: None.
      • Capability inventory: Bash tool for CLI execution.
      • Sanitization: No escaping or validation is specified.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 17, 2026, 06:44 PM