Skills
skills/inference-sh-3/skills/qwen-image-2/Gen Agent Trust Hub

qwen-image-2

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references a shell script installation guide hosted on the vendor's GitHub repository.
  • [COMMAND_EXECUTION]: The skill utilizes the infsh command-line interface to interact with remote AI models.
  • [PROMPT_INJECTION]: The skill accepts user-provided prompts and external image URIs for processing, which constitutes an indirect prompt injection surface.
  • Ingestion points: User-supplied prompt and reference_images (SKILL.md).
  • Boundary markers: None explicitly defined in the skill instructions.
  • Capability inventory: Execution of the infsh tool via Bash.
  • Sanitization: No explicit sanitization or validation of external content is described in the skill content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 25, 2026, 01:02 AM