Skills
skills/inference-sh/agent-skills/qwen-image-2/Gen Agent Trust Hub

qwen-image-2

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references installation instructions for the vendor's CLI tool (infsh) hosted on its official GitHub repository.
  • [COMMAND_EXECUTION]: The skill utilizes the infsh CLI tool for model interaction, authentication, and management. It also mentions using npx to manage related vendor skills.
  • [PROMPT_INJECTION]: The skill processes user prompts and external image URLs, which are potential surfaces for indirect prompt injection.
  • Ingestion points: User-provided text in the prompt field and external image URIs in the reference_images array.
  • Boundary markers: The skill uses structured JSON to delimit inputs, separating instructions from data.
  • Capability inventory: The agent utilizes the infsh CLI for executing image generation and editing tasks.
  • Sanitization: Input length limits are specified; content moderation is performed by the upstream provider (Alibaba/inference.sh).
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 14, 2026, 09:11 AM