Skills
skills/inference-sh/agent-skills-registry/flux-image/Gen Agent Trust Hub

flux-image

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references a CLI installation document hosted on the vendor's official GitHub repository (inference-sh). This is a routine reference for required tooling.
  • [COMMAND_EXECUTION]: Command execution is performed via the infsh CLI, which is scoped within the allowed-tools definition to ensure the agent operates within a restricted execution environment.
  • [PROMPT_INJECTION]: The skill manages user-supplied text prompts as an ingestion surface for image generation.
  • Ingestion points: Prompts are passed via the --input flag in the infsh command as seen in SKILL.md.
  • Boundary markers: User input is encapsulated within a structured JSON object, providing a clear boundary between data and instruction.
  • Capability inventory: Tool capabilities are limited to network-based image generation via the vendor's API.
  • Sanitization: Standard shell argument handling by the execution platform is expected to prevent command injection.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 12:34 AM