Google Veo
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: google-veo
Version: 0.1.5
The skill is classified as suspicious primarily due to the high-risk installation method presented in `SKILL.md`: `curl -fsSL https://cli.inference.sh | sh`. While this is a common way to install CLIs, it represents a significant supply chain vulnerability, allowing arbitrary code execution if the `inference.sh` domain or its distribution server is compromised. Additionally, the `allowed-tools: Bash(infsh *)` permission grants the agent broad capabilities to execute any `infsh` command via Bash, which, combined with the `curl | sh` risk, elevates the overall risk profile. There is no clear evidence of intentional malicious behavior like data exfiltration or persistence within the provided files, but the potential for exploitation via the installation method is high.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can call the inference.sh CLI for video generation workflows, so users should review prompts and commands that may use their account.
The skill authorizes the agent to invoke the external `infsh` CLI broadly rather than only a single fixed Veo command. This is aligned with the stated purpose but is worth noticing because those commands run through the user's configured CLI account.
allowed-tools: Bash(infsh *)
Keep use limited to the documented Veo commands and review any generated `infsh` command before approving it if the action could affect your account.
Video generation commands will operate under the logged-in inference.sh account.
`infsh login` indicates the CLI will be connected to an external account. That is expected for this provider integration, but the registry metadata does not declare a primary credential.
curl -fsSL https://cli.inference.sh | sh && infsh login
Log in only with the account you intend to use, understand what access that account grants, and revoke or rotate the session if you stop using the skill.
Installing the CLI requires trusting the inference.sh download and installer path.
The quick start asks the user to execute a remotely downloaded installer. The artifact discloses checksum verification and says there are no elevated permissions or background processes, but the installer itself is external to the provided skill artifacts.
curl -fsSL https://cli.inference.sh | sh && infsh login
Use the manual install and checksum verification option if possible, and install only if you trust the inference.sh source.
Prompts or input files used for generation may be processed by external services.
The documented workflow sends prompt input to an external model service through the inference.sh CLI. This is expected for cloud video generation but means prompt data leaves the local environment.
infsh app run google/veo-3-1-fast --input '{"prompt": "drone shot over a mountain lake"}'
Avoid including sensitive personal, confidential, or proprietary information in prompts unless you are comfortable with the provider's data handling terms.
