ai-product-photography
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool specifically to execute
infshcommands. This follows the principle of least privilege by restricting the tool's scope to a specific CLI. - [EXTERNAL_DOWNLOADS]: The skill references external resources, including an image hosted on
cloud.inference.shand suggestions to install related skills usingnpxfrom theinference-shorganization. - [PROMPT_INJECTION]: The 'Batch Generation' section contains a bash script template that interpolates variables (
$PRODUCTand$angle) directly into a JSON string for a shell command. This creates a surface for indirect prompt injection or command injection if an agent populates these variables with unsanitized external data. - Ingestion points: Variables
$PRODUCTand$anglein theSKILL.mdfile's bash examples. - Boundary markers: Absent; the variables are placed directly inside double-quoted strings within a JSON payload.
- Capability inventory: The skill possesses the capability to execute the
infshCLI tool via Bash. - Sanitization: No sanitization, escaping, or validation of the interpolated variables is demonstrated in the provided script examples.
Audit Metadata