background-removal
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides a command to download an installation script from https://cli.inference.sh. This domain is an official resource owned by the vendor, inference-sh-9, and is used for tool setup.
- [REMOTE_CODE_EXECUTION]: The setup process uses a curl-to-shell pattern (curl | sh) to install the vendor's CLI tool. While typically flagged, this is considered safe as it originates from the verified vendor's domain for its intended primary purpose.
- [COMMAND_EXECUTION]: The skill executes the 'infsh' command-line tool to perform image processing tasks. The execution is properly restricted using the allowed-tools header to maintain security.
- [INDIRECT_PROMPT_INJECTION]: The skill processes image URLs within JSON payloads passed to the CLI. 1. Ingestion points: image_url parameter in infsh app run commands in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Bash(infsh *) allowing tool execution. 4. Sanitization: Absent.
Audit Metadata