Image To Video
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: image-to-video
Version: 0.1.5
The skill is classified as suspicious due to the use of `curl -fsSL ... | sh` for installation, which is a high-risk supply chain vulnerability allowing arbitrary code execution if the remote script (`cli.inference.sh`) is compromised. Additionally, the `allowed-tools: Bash(infsh *)` permission is overly broad, granting the agent the ability to execute any command via the `infsh` tool, which could be exploited if `infsh` itself has vulnerabilities or is misused. While the stated purpose is benign, these capabilities introduce significant security risks.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user runs the installer, they are trusting the remote inference.sh installation script and downloaded binary.
The skill recommends installing an external CLI by piping a remote script to sh. This is disclosed and central to the workflow, but it is still a supply-chain-sensitive setup step.
curl -fsSL https://cli.inference.sh | sh && infsh login
Review the installer source and checksum information, or use the manual install and verification path before running the CLI.
An agent using the skill can operate the infsh CLI to submit generation jobs, so users should ensure commands reference the intended model, prompt, and image file.
The declared tool access allows Bash execution for infsh commands. This is expected for a CLI-based video-generation skill, but the wildcard is broader than a single fixed command.
allowed-tools: Bash(infsh *)
Approve infsh actions only when they match the requested image/video task and use the intended local files.
The skill may act through the user's inference.sh account when running model jobs.
The workflow requires logging into inference.sh, meaning generated jobs may use the user's service account or session.
infsh login
Use an account with appropriate limits and review any model-run command before allowing it to proceed.
Private photos, product images, or sensitive prompts could be uploaded to external generation providers if used with this skill.
The examples send image paths and prompts to external model apps through inference.sh. This is expected for image-to-video generation, but it means user content is shared with external services.
infsh app run falai/wan-2-5-i2v --input '{ ... "image": "path/to/lake-image.png" }'
Only use images and prompts that you are comfortable sending to inference.sh and the selected model provider.
