ai-content-pipeline
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides links to the official GitHub repository of inference-sh for CLI installation instructions and platform documentation. These are legitimate resources for the tool's operation.
- [COMMAND_EXECUTION]: Instructs the agent to perform login, execute AI models, and manage output files using the infsh CLI via Bash. It also includes commands for adding related skills using npx.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface: 1. Ingestion points: The pipeline ingests data from external web searches and LLM-generated scripts. 2. Boundary markers: Absent; data is directly interpolated into model inputs. 3. Capability inventory: Shell command execution and file system writes via redirection. 4. Sanitization: No sanitization or validation of the input data is performed.
Audit Metadata