ai-music-generation
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The skill explicitly instructs the execution of `curl -fsSL https://cli.inference.sh | sh`. This 'pipe to shell' pattern is a severe security risk as it executes code from an external source without any verification or integrity checks. The domain `inference.sh` is not on the list of trusted external sources.
- EXTERNAL_DOWNLOADS (HIGH): The skill depends on downloading and installing a third-party CLI tool from an untrusted source to function.
- COMMAND_EXECUTION (MEDIUM): The skill defines `Bash(infsh *)` as an allowed tool, which grants the agent broad permissions to execute any subcommand of the potentially malicious `infsh` utility.
- PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface. Evidence: 1. Ingestion points: User-provided 'prompt' and 'lyrics' strings in the `infsh app run` commands. 2. Boundary markers: Absent. 3. Capability inventory: Execution of the `infsh` tool via Bash. 4. Sanitization: No sanitization or escaping of the input JSON is shown, which could lead to command injection if the CLI tool does not handle input safely.
Recommendations
- HIGH: Downloads and executes remote code from https://cli.inference.sh. DO NOT USE without thorough review.
- AI detected serious security threats
Audit Metadata