happyhorse
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches installation instructions and configuration from the official inference.sh GitHub repository.
- [COMMAND_EXECUTION]: Uses the belt CLI tool to execute video generation and editing tasks on the inference.sh platform.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes external media files (images and videos) provided via URL in SKILL.md. Boundary markers for untrusted data are absent. The capability inventory includes remote API execution via belt app run in SKILL.md. No local sanitization or validation of the media content is performed within the skill instructions.
Audit Metadata