Habilidades ai-video-generation Historial de auditorías
📦

Historial de auditorías

ai-video-generation - 2 auditorías

Versión de auditoría 2

Más reciente Riesgo bajo

Feb 26, 2026, 08:58 AM

Static analysis flagged 43 external command patterns and 19 URLs, but all are FALSE POSITIVES. The external commands are bash code blocks in documentation showing usage examples, not actual shell execution. URLs are documentation links to inference.sh resources. The skill uses allowed-tools: Bash(infsh *) which properly restricts bash commands to the inference.sh CLI only. No malicious intent detected.

1
Archivos escaneados
178
Líneas analizadas
4
hallazgos
claude
Auditado por
Problemas de riesgo bajo (2)
SKILL.md:15-171
Documentation contains shell command examples
The skill documentation includes bash code blocks showing CLI usage. These are documentation examples only, not executable code. The skill restricts bash access to 'infsh *' commands via allowed-tools directive.
SKILL.md:9-177
Documentation contains external URLs
Multiple URLs link to inference.sh documentation and resources. These are reference links for users, not network calls made by the skill itself.

Factores de riesgo

⚙️ Comandos externos (13)
SKILL.md:15-21 SKILL.md:23-31 SKILL.md:67-69 SKILL.md:75-79 SKILL.md:83-88 SKILL.md:92-96 SKILL.md:100-105 SKILL.md:109-114 SKILL.md:118-123 SKILL.md:127-129 SKILL.md:133-138 SKILL.md:142-147 SKILL.md:151-169
🌐 Acceso a red (12)
SKILL.md:9 SKILL.md:11 SKILL.md:17 SKILL.md:23 SKILL.md:94 SKILL.md:102-103 SKILL.md:111-112 SKILL.md:120-121 SKILL.md:128 SKILL.md:135 SKILL.md:144 SKILL.md:175-177

Versión de auditoría 1

Seguro

Feb 27, 2026, 08:52 AM

This skill provides a wrapper for the inference.sh CLI to generate AI videos. All detected patterns (external_commands, network URLs, cryptographic references) are false positives - the skill contains only documentation examples and legitimate API endpoint references. No malicious behavior detected. The pipe-to-shell install pattern is standard for CLI tools with documented manual alternatives.

1
Archivos escaneados
178
Líneas analizadas
3
hallazgos
claude
Auditado por
Problemas de riesgo medio (1)
SKILL.md:17
Pipe-to-Shell Install Pattern
The skill documentation shows `curl -fsSL https://cli.inference.sh | sh` for CLI installation. While this is a common pattern, piping directly to shell carries inherent risk. However, the skill provides manual installation alternatives and the service is a legitimate AI video generation platform.

Factores de riesgo

⚙️ Comandos externos (43)
SKILL.md:15-21 SKILL.md:21-23 SKILL.md:23-31 SKILL.md:31-32 SKILL.md:32-33 SKILL.md:33-34 SKILL.md:34-35 SKILL.md:35-36 SKILL.md:36-37 SKILL.md:37-38 SKILL.md:38-44 SKILL.md:44-45 SKILL.md:45-46 SKILL.md:46-52 SKILL.md:52-53 SKILL.md:53-54 SKILL.md:54-55 SKILL.md:55-61 SKILL.md:61-62 SKILL.md:62-63 SKILL.md:63-67 SKILL.md:67-69 SKILL.md:69-75 SKILL.md:75-79 SKILL.md:79-83 SKILL.md:83-88 SKILL.md:88-92 SKILL.md:92-96 SKILL.md:96-100 SKILL.md:100-105 SKILL.md:105-109 SKILL.md:109-114 SKILL.md:114-118 SKILL.md:118-123 SKILL.md:123-127 SKILL.md:127-129 SKILL.md:129-133 SKILL.md:133-138 SKILL.md:138-142 SKILL.md:142-147 SKILL.md:147-151 SKILL.md:151-169 SKILL.md:169-171
🌐 Acceso a red (19)
SKILL.md:9 SKILL.md:11 SKILL.md:17 SKILL.md:23 SKILL.md:23 SKILL.md:94 SKILL.md:102 SKILL.md:103 SKILL.md:111 SKILL.md:112 SKILL.md:120 SKILL.md:121 SKILL.md:128 SKILL.md:135 SKILL.md:144 SKILL.md:144 SKILL.md:175 SKILL.md:176 SKILL.md:177
← Volver a Skill