ai-product-photography

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool specifically to execute infsh commands. This follows the principle of least privilege by restricting the tool's scope to a specific CLI.
  • [EXTERNAL_DOWNLOADS]: The skill references external resources, including an image hosted on cloud.inference.sh and suggestions to install related skills using npx from the inference-sh organization.
  • [PROMPT_INJECTION]: The 'Batch Generation' section contains a bash script template that interpolates variables ($PRODUCT and $angle) directly into a JSON string for a shell command. This creates a surface for indirect prompt injection or command injection if an agent populates these variables with unsanitized external data.
    • Ingestion points: Variables $PRODUCT and $angle in the SKILL.md file's bash examples.
    • Boundary markers: Absent; the variables are placed directly inside double-quoted strings within a JSON payload.
    • Capability inventory: The skill possesses the capability to execute the infsh CLI tool via Bash.
    • Sanitization: No sanitization, escaping, or validation of the interpolated variables is demonstrated in the provided script examples.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 12:11 PM