video-prompting-guide

Fail

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the user to execute curl -fsSL https://cli.inference.sh | sh. This is a high-risk pattern that downloads a script from a remote server and executes it immediately in the shell. This method of installation is susceptible to man-in-the-middle attacks or server-side compromises.
  • [EXTERNAL_DOWNLOADS]: The skill references and downloads resources from cli.inference.sh and dist.inference.sh. These domains are not recognized as trusted organizations or well-known services according to safety guidelines.
  • [COMMAND_EXECUTION]: The skill suggests running multiple commands using npx (e.g., npx skills add inference-sh/skills@ai-video-generation). NPX downloads and executes packages from the NPM registry, which can lead to the execution of untrusted code if the package name or version is not strictly verified.
  • [COMMAND_EXECUTION]: The skill requires access to the Bash tool to run infsh commands. The security of these operations depends entirely on the integrity of the infsh binary installed via the remote execution script mentioned above.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its ingestion of untrusted user data into video generation prompts.
      • Ingestion points: User-provided strings are interpolated into JSON payloads for the infsh app run command within SKILL.md examples.
      • Boundary markers: There are no delimiters or instructions provided to the agent to ignore potentially malicious instructions embedded within the user's video prompt.
      • Capability inventory: The skill has the capability to execute shell commands via Bash(infsh *) and perform network operations through the platform's CLI.
      • Sanitization: No evidence of input sanitization or validation is present in the skill's instructions.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 4, 2026, 12:29 PM