genmedia
Fail
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: The installation instructions for Linux, macOS, and Windows recommend piping a remote script directly to the system shell using commands like `curl https://genmedia.sh/install -fsS | bash` and `irm https://genmedia.sh/install.ps1 | iex`. This is a high-risk pattern that executes unverified code from a non-whitelisted domain.
- [REMOTE_CODE_EXECUTION]: The CLI features a `genmedia update` command that fetches and executes software updates from a remote server, as well as `genmedia skills install` which downloads and installs additional agent skills from an external registry into the agent's environment.
- [COMMAND_EXECUTION]: The skill's primary purpose is to execute various CLI commands on the local system, providing a broad attack surface for command injection if input parameters are not correctly sanitized by the agent.
- [EXTERNAL_DOWNLOADS]: The skill facilitates multiple external downloads, including the initial installer, CLI updates, and model-specific extensions from the `genmedia.sh` domain.
- [DATA_EXFILTRATION]: The `genmedia upload` command allows for the transmission of local files to the fal.ai CDN. This functionality presents a risk of data exfiltration if the agent is instructed to upload sensitive system configuration or private user data.
- [CREDENTIALS_UNSAFE]: The `genmedia setup` command handles sensitive API credentials (FAL_KEY) and offers to persist them in a local configuration file, making them potentially accessible to other processes on the system.
Recommendations
- HIGH: Downloads and executes remote code from: https://genmedia.sh/install - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata