ai-video-generation

Fail

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill includes the command curl -fsSL https://cli.inference.sh | sh in the Quick Start section. This is a highly dangerous pattern that downloads a shell script from a remote server and executes it immediately without any verification of its content or integrity.
  • [EXTERNAL_DOWNLOADS]: The skill depends on a CLI tool hosted on an external domain (inference.sh) that is not part of the trusted vendors list. This poses a risk as the source and the downloaded binaries are unverified.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool with a wildcard (infsh *), allowing the agent to execute any subcommand of the infsh utility. This broad permission could be exploited if the agent is manipulated into running malicious commands.
  • [PROMPT_INJECTION]:
    • Ingestion points: The skill processes user-controlled input in fields like prompt, image_url, and audio_url in the SKILL.md file.
    • Boundary markers: No boundary markers are present in the command templates to separate user data from the instructions, making the skill susceptible to indirect prompt injection attacks.
    • Capability inventory: The skill possesses the capability to execute shell commands and interact with external network services via the infsh CLI.
    • Sanitization: There is no evidence of input validation or sanitization before untrusted data is interpolated into shell commands.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 27, 2026, 02:26 PM