ai-marketing-videos

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • Remote Code Execution (CRITICAL): The skill documentation explicitly instructs the user to run curl -fsSL https://cli.inference.sh | sh. This is a high-risk pattern that executes an unverified remote script with the user's shell privileges.
  • External Downloads (HIGH): The skill references and encourages adding multiple external skills using npx skills add inference-sh/skills@.... This creates a chain of unverified dependencies from an untrusted source.
  • Command Execution (MEDIUM): The skill utilizes a powerful bash tool infsh with broad permissions (Bash(infsh *)), allowing for arbitrary subcommand execution including login and resource management.
  • Indirect Prompt Injection (LOW): The skill processes user-controlled prompts by interpolating them directly into JSON payloads for AI models.
      • Ingestion points: The --input JSON strings in multiple infsh app run commands.
      • Boundary markers: None detected; user input is directly concatenated into the command string.
      • Capability inventory: Full bash execution via the infsh utility.
      • Sanitization: No evidence of sanitization or escaping for user-provided prompt strings.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 18, 2026, 11:11 AM