dialogue-audio

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The skill explicitly instructs the execution of curl -fsSL https://cli.inference.sh | sh in the Quick Start section. This pattern downloads a script from an untrusted external source and pipes it directly into the shell, allowing for arbitrary code execution with no integrity checks.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill depends on external resources from inference.sh, which is not on the list of trusted providers. This introduces supply-chain risk as the source is unverifiable.
  • COMMAND_EXECUTION (MEDIUM): The skill uses the Bash(infsh *) tool to run commands. While functional for the skill's purpose, this provides a powerful vector for exploitation if combined with malicious input.
  • PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8).
      • Ingestion points: The prompt field within the JSON input for infsh app run in SKILL.md.
      • Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands within the dialogue text.
      • Capability inventory: Uses Bash to execute the infsh CLI, which interacts with remote APIs.
      • Sanitization: Absent; the skill passes raw strings to the CLI tool.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 18, 2026, 10:56 AM