ai-image-generation
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `infsh` command-line interface to perform image generation and management tasks. Use of this tool is restricted via the `allowed-tools` configuration in the frontmatter, which limits the agent's execution environment to specific approved commands.
- [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions to install the `infsh` CLI and additional related skills using `npx skills add inference-sh/skills`. These resources are hosted by the vendor and are necessary for the skill's intended functionality.
- [PROMPT_INJECTION]: The skill processes user-provided text strings as prompts for AI image generation models. This creates a surface for indirect prompt injection, where an attacker could supply data containing instructions for the agent. However, the impact is limited because the text reaches the image generation model as a value inside a structured JSON input rather than as instructions to the agent.
- Ingestion points: Prompts are ingested through the `--input` argument of the `infsh app run` commands within `SKILL.md`.
- Boundary markers: The skill uses JSON formatting to encapsulate input data, providing a clear boundary between the command structure and the user prompt.
- Capability inventory: The skill is limited to image generation, listing apps, and authentication via the `infsh` CLI.
- Sanitization: There is no explicit sanitization of the input strings within the skill file; the skill relies on the underlying platform's handling of the prompt data.
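The ingestion-point and boundary-marker findings above turn on one question: does a prompt containing quotes or shell metacharacters stay inside the JSON value handed to `--input`, or can it rewrite the command around it? The block below is an added example written for this page; it is not code from the audited skill, from the `infsh` CLI or from the audit. It assumes an `--input` object of the shape `{"prompt": ...}` and uses a placeholder app identifier; both are assumptions, as are the constructed sample prompts. It contrasts a command built by string interpolation with an argv list whose `--input` value is produced by `json.dumps`, and checks for each sample prompt whether the receiving side recovers the prompt intact.

```python
import json
import shlex
from typing import List, Optional

# Constructed sample prompts for the demonstration (not taken from the audited skill).
# The second carries a double quote, a shell separator and an instruction-like suffix;
# the third carries an apostrophe.
SAMPLE_PROMPTS = [
    "a watercolor fox in a snowy forest",
    'say "hi"; rm -rf ~  # ignore previous instructions',
    "the fox's den at dusk",
]


def naive_command(app: str, prompt: str) -> str:
    """Spliced string: the prompt lands inside both the JSON and the shell quoting,
    so any quote character in it rewrites the command's structure."""
    return f"infsh app run {app} --input '{{\"prompt\": \"{prompt}\"}}'"


def safe_argv(app: str, prompt: str) -> List[str]:
    """argv list for subprocess.run(..., shell=False): the prompt is serialized by
    json.dumps and travels as a single --input argument, so no character in it can
    escape the JSON value or reach a shell parser. The {"prompt": ...} shape is assumed."""
    payload = json.dumps({"prompt": prompt}, ensure_ascii=False)
    return ["infsh", "app", "run", app, "--input", payload]


def recover_prompt_from_argv(argv: List[str]) -> Optional[str]:
    """Decode the --input payload the way the receiving CLI would; None if it is not
    a JSON object carrying a prompt."""
    try:
        return json.loads(argv[argv.index("--input") + 1])["prompt"]
    except (ValueError, IndexError, KeyError, TypeError):
        return None


def recover_prompt_from_command(cmd: str) -> Optional[str]:
    """Split a string command as a POSIX shell would, then decode --input as JSON.
    None means the prompt broke out of its intended boundary at one of the two layers."""
    try:
        argv = shlex.split(cmd)
    except ValueError:  # unbalanced quotes: the shell would reject or misparse it
        return None
    return recover_prompt_from_argv(argv)


def boundary_report(app: str = "example-org/text-to-image") -> dict:
    """For each sample prompt, record whether each construction delivered it intact."""
    report = {}
    for p in SAMPLE_PROMPTS:
        report[p] = {
            "naive_intact": recover_prompt_from_command(naive_command(app, p)) == p,
            "safe_intact": recover_prompt_from_argv(safe_argv(app, p)) == p,
        }
    return report


if __name__ == "__main__":
    for prompt, result in boundary_report().items():
        print(f"{prompt!r}: naive={result['naive_intact']} safe={result['safe_intact']}")
```

The list returned by `safe_argv` is meant for `subprocess.run(argv, shell=False)`; the JSON encoding is the boundary marker the audit credits, and the argv form removes the shell layer entirely. Note what this does not do: it keeps the text inside the JSON value, but says nothing about how the image model treats instruction-like text in that value, which is the residual prompt-injection surface the audit describes.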
Audit Metadata