ai-music-generation

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The skill explicitly instructs the execution of curl -fsSL https://cli.inference.sh | sh. This 'pipe to shell' pattern is a severe security risk as it executes code from an external source without any verification or integrity checks. The domain inference.sh is not on the list of trusted external sources.
  • EXTERNAL_DOWNLOADS (HIGH): The skill depends on downloading and installing a third-party CLI tool from an untrusted source to function.
  • COMMAND_EXECUTION (MEDIUM): The skill defines Bash(infsh *) as an allowed tool, which grants the agent broad permissions to execute any subcommand of the potentially malicious infsh utility.
  • PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface. Evidence: 1. Ingestion points: User-provided 'prompt' and 'lyrics' strings in the infsh app run commands. 2. Boundary markers: Absent. 3. Capability inventory: Execution of the infsh tool via Bash. 4. Sanitization: No sanitization or escaping of the input JSON is shown, which could lead to command injection if the CLI tool does not handle input safely.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 18, 2026, 11:02 AM
Security Audit — agent-trust-hub — ai-music-generation