text-to-speech
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: HIGH
Categories: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The skill instructs the agent/user to install the CLI using `curl -fsSL https://cli.inference.sh | sh`. This is a critical security risk as it executes unverified code from an untrusted external source directly in the system shell. Although this is the primary installation method for the service, it remains a high-severity finding.
- [EXTERNAL_DOWNLOADS] (HIGH): The documentation encourages the use of `npx skills add inference-sh/skills@...`, which downloads and executes packages from a non-whitelisted source. This creates a vector for supply chain attacks or execution of malicious third-party code.
- [COMMAND_EXECUTION] (MEDIUM): The skill's configuration grants the agent permission to execute any command starting with `infsh`. This provides broad capability to interact with the local filesystem and remote services, which could be exploited if the agent is manipulated via prompt injection.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata