speech-to-text
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The skill contains the command
curl -fsSL https://cli.inference.sh | shin the Quick Start section. This is a high-risk pattern that pipes a remote script directly into a shell, allowing for unverified code execution. - [EXTERNAL_DOWNLOADS] (MEDIUM): The skill facilitates the download and installation of software from a non-whitelisted domain (inference.sh).
- [COMMAND_EXECUTION] (MEDIUM): The skill requests permission to use the Bash tool with the
infshcommand. This grants the agent broad capability to interact with the local system and the inference.sh API. - [PROMPT_INJECTION] (LOW): The skill processes untrusted data from remote URLs (audio_url) which may contain malicious instructions designed to influence the model's transcription or subsequent actions. Mandatory Evidence Chain: 1. Ingestion points:
audio_urlparameter in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory:Bash(infsh *). 4. Sanitization: Absent.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata