Skills
skills/1nfsh-s3/skills/background-removal/Gen Agent Trust Hub

background-removal

Fail

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill includes instructions to download and execute an installation script directly from the vendor's official domain (https://cli.inference.sh) using a curl-to-shell pipe.
  • [COMMAND_EXECUTION]: The skill allows the agent to execute any sub-command of the 'infsh' CLI tool via the Bash extension.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted image URLs from external sources.
  • Ingestion points: The image_url parameter used within infsh app run commands.
  • Boundary markers: No delimiters or 'ignore' instructions are used for the input data.
  • Capability inventory: The ability to execute infsh CLI tools via Bash.
  • Sanitization: No input validation or sanitization is performed on the provided URLs.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 8, 2026, 02:51 AM