image-upscaling
Fail
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructions recommend installing the CLI by piping a remote script from https://cli.inference.sh directly into the shell (`| sh`).
- [EXTERNAL_DOWNLOADS]: The documentation specifies adding related skill modules using `npx skills add`, which downloads and executes content from the `inference-sh/skills` repository.
- [COMMAND_EXECUTION]: The skill is configured to allow the execution of the `infsh` command via Bash, granting the agent access to various subcommands for running and listing applications.
- [PROMPT_INJECTION]: The skill processes untrusted external data such as image URLs and prompts via the `--input` flag, creating a surface for indirect prompt injection. Evidence: Data enters through command-line arguments in `SKILL.md`; No boundary markers or 'ignore' instructions are provided in the examples; The skill has the capability to execute subprocesses via the Bash tool; No input validation or sanitization of the JSON payload is visible in the instructions.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata