infsh-cli
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads an installation script and binary executables from the vendor's official domains (cli.inference.sh and dist.inference.sh).
- [REMOTE_CODE_EXECUTION]: Installation instructions provide a method to pipe a remote script to a shell (curl | sh) to deploy the CLI, which is the platform's official installation path.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute 'infsh' commands for managing tasks, authentication, and model execution.
- [DATA_EXFILTRATION]: The CLI features the ability to upload local file paths (images, audio, video) to the vendor's cloud infrastructure for processing, which is a core function for media-related AI tasks.
- [PROMPT_INJECTION]: The skill processes external data returned from the inference.sh API (such as app listings and task statuses), representing an indirect prompt injection surface. Evidence: (1) Ingestion points: Output from 'infsh app list' and 'infsh task get' (2) Boundary markers: Absent (3) Capability inventory: Bash tool used for executing 'infsh' (4) Sanitization: Absent.
Audit Metadata