image-upscaling

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): The skill explicitly instructs the agent or user to execute a remote script via a piped shell command (curl | sh). This allows the remote server to execute arbitrary code on the local system.
      • Evidence: SKILL.md contains curl -fsSL https://cli.inference.sh | sh.
      • Verification: This matches a confirmed detection pattern for untrusted remote code execution.
  • [COMMAND_EXECUTION] (HIGH): The skill relies on executing the infsh binary, which is a third-party executable downloaded at runtime without verification from a trusted platform.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill references and downloads assets from inference.sh and dist.inference.sh, which are not recognized as trusted sources.
  • [PROMPT_INJECTION] (LOW): The skill possesses an indirect prompt injection surface by taking untrusted data (URLs and prompts) and passing them as arguments to a CLI tool.
      • Ingestion points: image_url and prompt fields in JSON payloads.
      • Boundary markers: None present to distinguish between instructions and data.
      • Capability inventory: Command execution via Bash tool.
      • Sanitization: No sanitization logic is evident in the skill instructions.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 19, 2026, 08:12 PM