p-image
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the 'infsh' CLI tool to execute model inference tasks, which is the primary function of the skill.
- [EXTERNAL_DOWNLOADS]: The skill refers to an external markdown file on GitHub for CLI installation and mentions adding additional functionality via 'npx' commands.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface where user-provided text is passed directly to system shell commands.
  - Ingestion points: User-defined prompts within the 'infsh' command input.
  - Boundary markers: Prompts are enclosed within a JSON object string.
  - Capability inventory: The skill utilizes the Bash tool to run shell commands.
  - Sanitization: There is no evidence of input validation or escaping for the user-supplied prompts within the provided instructions.
Audit Metadata