flux-image
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `infsh` (inference.sh) CLI tool to perform authentication and run image generation models.
  - Evidence: `infsh login`, `infsh app run falai/flux-dev-lora`.
- [EXTERNAL_DOWNLOADS]: The skill references installation instructions for the vendor's CLI hosted on GitHub and suggests adding further skills from the same organization using `npx`.
  - Evidence: `https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md` and `npx skills add inference-sh/skills@...`.
- [PROMPT_INJECTION]: The skill processes user-supplied text prompts to generate images, representing a surface for indirect prompt injection where instructions embedded in a prompt might influence model output (Category 8).
  - Ingestion points: User prompts provided via the `--input` JSON parameter in `SKILL.md`.
  - Boundary markers: JSON keys (e.g., `"prompt": "..."`) serve as structural delimiters.
  - Capability inventory: Execution of image generation apps via the `infsh` CLI tool.
  - Sanitization: Not explicitly defined within the instruction file; relies on the underlying platform's model safety filters.
Audit Metadata