ai-content-pipeline

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill orchestrates multi-step workflows by executing infsh CLI commands in the shell. Its workflow templates use shell loops and variable interpolation to pass data between different AI models.
  • [EXTERNAL_DOWNLOADS]: The documentation references external installation scripts and media assets hosted on vendor-controlled domains (inference.sh) and GitHub repositories (github.com/inference-sh). These are documented as vendor resources for the core functionality.
  • [PROMPT_INJECTION]: The skill identifies patterns where untrusted external data (such as blog content or model-generated scripts) is interpolated directly into subsequent model prompts without boundary markers. This creates a surface for indirect prompt injection.
      ◦ Ingestion points: User-provided text inputs and intermediate JSON outputs (e.g., script.json, summary.json) referenced in SKILL.md.
      ◦ Boundary markers: Absent; data is placed directly inside JSON strings within shell commands.
      ◦ Capability inventory: Shell access for execution of AI applications via the infsh tool.
      ◦ Sanitization: No sanitization or validation of the ingested content is defined in the instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 12:27 PM