ai-image-generation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md includes commands that ingest arbitrary external URLs (e.g., "infsh app run falai/topaz-image-upscaler --input '{"image_url": "https://..."}'" and the "stitch images" example with "images": ["https://img1.jpg","https://img2.jpg"]), so the agent will fetch and process untrusted third‑party content (public image URLs) as part of its workflow and that content can influence subsequent model outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill relies on the inference.sh CLI to run remote apps at runtime (e.g., infsh app run ...), which calls the inference.sh service (https://inference.sh) to execute remote model code required for the skill.