Skills
skills/inference-sh/skills/qwen-image/Gen Agent Trust Hub

qwen-image

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The documentation includes an installation command that downloads and executes a script from the vendor's official domain.
  • Evidence: curl -fsSL https://cli.inference.sh | sh.
  • Context: This represents the standard installation procedure for the vendor's CLI tool and is consistent with the skill's authored source.
  • [EXTERNAL_DOWNLOADS]: The skill references external binaries and integrity checksums hosted on the vendor's distribution servers.
  • Evidence: References to dist.inference.sh for binary downloads and SHA-256 verification.
  • [COMMAND_EXECUTION]: The skill is configured to run system commands using the vendor's CLI tool to interact with AI models.
  • Evidence: allowed-tools: Bash(infsh *) and examples like infsh app run alibaba/qwen-image-2.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 12:01 PM