ai-podcast-creation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): The SKILL.md file contains a command curl -fsSL https://cli.inference.sh | sh which pipes a remote script directly into the shell. This allows an untrusted third party to execute arbitrary code on the host machine. The domain inference.sh is not in the trusted list.
  • [COMMAND_EXECUTION] (HIGH): The skill requests broad permissions via allowed-tools: Bash(infsh *). This allows the agent to execute any sub-command of the untrusted infsh CLI, which can interact with various remote services and local resources.
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill facilitates the download and execution of various remote 'apps' through the infsh platform. Since the platform itself is untrusted, these downloads constitute a high-risk external dependency chain.
  • [PROMPT_INJECTION] (HIGH): The 'NotebookLM-Style Content' workflow in SKILL.md exhibits a high risk of Indirect Prompt Injection.
      • Ingestion points: Document content interpolated in SKILL.md.
      • Boundary markers: Absent.
      • Capability inventory: infsh app run (command execution), file writing (JSON outputs).
      • Sanitization: Absent.
    Malicious instructions in processed documents could control the agent's behavior or influence the generated script.
Recommendations
  • CRITICAL: Downloads and executes remote code from untrusted source(s): https://cli.inference.sh - DO NOT USE
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 16, 2026, 06:48 AM