background-remove
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill instructions specify executing a local Python script via the command line using arguments provided by the user (file paths).
- Evidence: The workflow examples show commands such as
python3 ${SKILL_PATH}/skills/background-remove/scripts/background_remove.py -i "/path/to/image.jpg". - Risk: If the agent interpolates unsanitized user input into the shell command, an attacker could use shell metacharacters (e.g.,
;,&&,|) to execute arbitrary malicious code on the system. - [EXTERNAL_DOWNLOADS] (LOW): The
rembglibrary, which is a primary requirement, downloads a large external asset (U2-Net model) upon its first execution. - Evidence: Documentation states: "The first run will download the U2-Net model (~170MB) which is cached for future use."
- Risk: This introduces a dependency on external hosting infrastructure and remote code/data that is not bundled with the skill itself.
Audit Metadata