dialogue-audio
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The skill explicitly instructs the execution of
curl -fsSL https://cli.inference.sh | shin the Quick Start section. This pattern downloads a script from an untrusted external source and pipes it directly into the shell, allowing for arbitrary code execution with no integrity checks. - EXTERNAL_DOWNLOADS (MEDIUM): The skill depends on external resources from
inference.sh, which is not on the list of trusted providers. This introduces supply-chain risk as the source is unverifiable. - COMMAND_EXECUTION (MEDIUM): The skill uses the
Bash(infsh *)tool to run commands. While functional for the skill's purpose, this provides a powerful vector for exploitation if combined with malicious input. - PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8).
- Ingestion points: The
promptfield within the JSON input forinfsh app runinSKILL.md. - Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands within the dialogue text.
- Capability inventory: Uses
Bashto execute theinfshCLI, which interacts with remote APIs. - Sanitization: Absent; the skill passes raw strings to the CLI tool.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata