ai-marketing-videos
Fail
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructions include a procedure to install the
infshCLI by downloading a script fromhttps://cli.inference.shand piping it directly into a shell. This is a standard installation method for the service. - [EXTERNAL_DOWNLOADS]: The skill fetches and interacts with various external AI models and sub-skills from the
inference.shecosystem, including components for video, image, and voice synthesis. - [COMMAND_EXECUTION]: The skill uses the
Bashtool restricted to theinfshcommand prefix to run video generation workflows, merge media files, and manage application states. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes user-supplied prompts for marketing scenes and script content.
- Ingestion points: User-provided text for video descriptions, product features, and voiceover scripts used in the
infsh app runexamples. - Boundary markers: None identified; user input is interpolated as string arguments within JSON payloads in CLI commands.
- Capability inventory: The skill has permissions to execute the
infshutility, which communicates with remote APIs and saves data to local files (e.g.,hook.json). - Sanitization: There is no explicit evidence of input sanitization or filtering to prevent malicious instructions within user-provided strings from affecting the AI model's behavior.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata