og-image-design

Warn

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill directs users to an external URL to download and install a custom CLI tool called 'infsh'.
      • Evidence: [Install instructions](https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md) in SKILL.md.
  • [REMOTE_CODE_EXECUTION]: The skill instructs the agent to download and install external code modules using the npx package runner, which can lead to the execution of unverified remote code.
      • Evidence: npx skills add inference-sh/skills@ai-image-generation, npx skills add inference-sh/skills@landing-page-design, and npx skills add inference-sh/skills@prompt-engineering in SKILL.md.
  • [COMMAND_EXECUTION]: The skill frequently executes shell commands via the 'infsh' CLI to perform image generation and search tasks.
      • Evidence: infsh login, infsh app run infsh/html-to-image, and infsh app run tavily/search-assistant in SKILL.md.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from an external search tool without implementing sanitization or boundary markers.
      • Ingestion points: External data enters the context via the tavily/search-assistant tool mentioned in SKILL.md.
      • Boundary markers: None identified.
      • Capability inventory: The skill can execute multiple platform-specific applications via infsh app run.
      • Sanitization: No sanitization or validation of the search output is described.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 9, 2026, 08:01 AM