ai-product-photography
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: Provides an installation command that fetches and executes a script from cli.inference.sh to set up the platform's CLI tool. This operation is limited to initial setup of the vendor's official utility.
- [EXTERNAL_DOWNLOADS]: Downloads binary executables and verifies checksums from dist.inference.sh as part of the tool's deployment process.
- [COMMAND_EXECUTION]: Utilizes Bash to execute infsh commands for image generation and platform management, with tool access specifically restricted to this CLI.
- [PROMPT_INJECTION]: Includes a surface for indirect prompt injection as user text is interpolated into image generation commands. The skill mitigates this by using structured JSON input fields which act as boundary markers between user data and command arguments.
Audit Metadata