explainer-video-guide

Fail

Audited by Socket on Feb 19, 2026

1 alert found:

Malware
Malware: HIGH
SKILL.md

[Skill Scanner] Pipe-to-shell or eval pattern detected

This skill content is functionally consistent with its stated purpose (explainer video production). The main security concerns are supply-chain and privacy/trust risks: it instructs users to run a remote installer via curl | sh and to route prompts, media, and credentials through the inference.sh managed gateway and multiple provider apps. There is no evidence of intentionally malicious code in the text, but the installation and centralized routing model raises moderate risk (potential for credential exposure or data exfiltration if the CLI/service or downstream providers are malicious or compromised).

Recommend: verify installer source (inspect script before running), prefer vetted package distributions or checksums, understand inference.sh data handling and retention policies, and avoid uploading sensitive media/credentials.

LLM verification: This SKILL.md is a plausible explainer-video production guide that uses a hosted CLI gateway (infsh) to orchestrate model/app runs. The content is consistent with its stated purpose, but it contains a high-risk installation pattern (curl | sh) and routes all prompts/images/authentication through a centralized service without documenting data handling. There is no direct evidence of embedded malware in the text itself, but the recommended installer and opaque gateway create supply-chain and priva

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At: Feb 19, 2026, 01:20 AM
Package URL: pkg:socket/skills-sh/NeverSight%2Fskills_feed%2Fexplainer-video-guide%2F@c278e5bf8963b4ddcb5ddaa9bbe2041321e3b17a