skills/tul-sh/skills/speech-to-text/Gen Agent Trust Hub

speech-to-text

Fail

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill recommends an insecure installation method: curl -fsSL https://cli.inference.sh | sh. This pipes a remote script from a third-party domain directly into the system shell, which could allow for arbitrary code execution if the source is compromised or malicious.
  • [COMMAND_EXECUTION]: The skill requests broad execution permissions for the infsh command via the Bash(infsh *) tool definition. This allows the agent to run any subcommand or flag, increasing the potential impact of a prompt injection or tool-based exploit.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes external audio/video content.
      • Ingestion points: The audio_url and video_url inputs in SKILL.md fetch content from arbitrary remote locations.
      • Boundary markers: No protective boundary markers or instructions to disregard commands found within transcribed text are present.
      • Capability inventory: The agent has command execution capabilities via the infsh tool.
      • Sanitization: The skill lacks mechanisms to sanitize or validate the output of the transcription before the agent uses it.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 4, 2026, 10:41 AM