product-photography
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides a command to install the necessary CLI tool from the vendor's domain.
- File:
SKILL.md - Evidence:
curl -fsSL https://cli.inference.sh | sh - Analysis: This command downloads and executes an installation script from the vendor's domain (
inference.sh). The documentation explains that the script is used for OS detection and binary verification, which is standard for CLI tools provided by this vendor. - [COMMAND_EXECUTION]: The skill instructs the agent to execute the
infshCLI tool to process images. - File:
SKILL.md - Evidence:
infsh app run bytedance/seedream-4-5 --input ... - Analysis: These shell commands are used to invoke the AI models as per the skill's primary function. The execution environment is appropriately restricted to the
infshtool within the skill's configuration.
Audit Metadata