talking-head-production
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The installation instructions use 'curl -fsSL https://cli.inference.sh | sh', which is a high-risk piped execution pattern. This executes unverified remote code directly in the shell. The domain 'inference.sh' is not a trusted source according to established safety guidelines.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill depends on downloading and executing software from an external, untrusted provider.
- [COMMAND_EXECUTION] (MEDIUM): The skill requests 'Bash(infsh *)' tool permissions, which allows the agent to execute any sub-command of the infsh utility, potentially leading to unintended local actions.
- [PROMPT_INJECTION] (LOW): The skill incorporates user-provided text prompts for TTS and image paths for avatar generation, representing an indirect prompt injection surface (Category 8). Evidence: 1. Ingestion points: 'prompt' and 'image' inputs in infsh commands. 2. Boundary markers: Absent. 3. Capability inventory: 'infsh' command execution. 4. Sanitization: None detected in the skill instructions.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata