ai-video-generation
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The skill instructs the agent to execute `curl -fsSL https://cli.inference.sh | sh`. This is a classic piped-to-shell attack vector. Because the source is not a trusted repository or organization, the contents of the script could be modified to include malicious payloads (e.g., backdoors, data exfiltration) at any time.
- COMMAND_EXECUTION (HIGH): The skill requires access to the Bash tool to run `infsh` commands. Since the `infsh` binary is installed via an untrusted script, all subsequent tool calls inherit the risk of the initial compromise.
- CREDENTIALS_UNSAFE (HIGH): The installation instructions include an `infsh login` step. Providing credentials to a tool installed from an unverified source poses a high risk of credential harvesting.
- INDIRECT_PROMPT_INJECTION (LOW): The skill interpolates user-provided prompts directly into shell commands via JSON payloads.
  - Ingestion points: User input for video prompts and URLs in `infsh app run` commands.
  - Boundary markers: Absent; prompts are passed as raw strings within JSON objects.
  - Capability inventory: Full shell access via the Bash tool (`infsh *`).
  - Sanitization: None; the skill relies on the external CLI to handle potentially malicious input strings.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata