skills/skill-zero/s/speech-to-text/Gen Agent Trust Hub

speech-to-text

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The skill instructs the user to execute curl -fsSL https://cli.inference.sh | sh. This is a highly dangerous pattern that downloads and runs code from the internet without any verification or isolation. The source domain (inference.sh) is not on the list of trusted providers.
  • EXTERNAL_DOWNLOADS (HIGH): The skill relies on external software and additional skills downloaded via npx skills add from unverified sources, creating a significant supply chain risk.
  • COMMAND_EXECUTION (MEDIUM): The skill metadata grants permission to use the Bash tool for the infsh command namespace. This enables the agent to execute shell commands using a tool installed via an insecure remote script.
  • PROMPT_INJECTION (LOW): The skill has an attack surface for indirect prompt injection as it processes untrusted audio and video URLs.
      • Ingestion points: audio_url and video_url parameters in SKILL.md.
      • Boundary markers: None present to distinguish data from instructions.
      • Capability inventory: Shell command execution via Bash(infsh *) as defined in SKILL.md.
      • Sanitization: No sanitization or validation of external input content is mentioned.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 18, 2026, 11:01 AM