qwen-image
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documentation includes an installation command `curl -fsSL https://cli.inference.sh | sh`. This script is hosted on the official domain of the skill author (inference-sh) and is the standard method for deploying their CLI tool.
- [EXTERNAL_DOWNLOADS]: The installation process fetches platform-specific binaries and checksums from `dist.inference.sh`. These resources are provided by the vendor to facilitate the skill's primary function.
- [COMMAND_EXECUTION]: The skill requests permission to use the `Bash` tool, but explicitly limits the scope to the `infsh` command using the `allowed-tools: Bash(infsh *)` constraint. This follows the principle of least privilege.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided prompts and external image URIs through the `reference_images` parameter. While this presents a theoretical surface for indirect injection, the risk is mitigated by the structured JSON input format and the specialized nature of the image generation task.
Audit Metadata