product-changelog
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE; EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing additional capabilities using 'npx skills add inference-sh/skills@agent-tools', 'npx skills add inference-sh/skills@ai-image-generation', and 'npx skills add inference-sh/skills@prompt-engineering'. These resources are associated with the vendor's official toolset.
- [COMMAND_EXECUTION]: The skill uses the 'infsh' CLI to perform operations such as authentication ('infsh login') and running remote applications ('infsh app run') for image generation and processing.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by using the 'infsh/agent-browser' tool to visit external URLs.
  - Ingestion points: Untrusted data enters the agent context through the 'url' parameter in the 'infsh/agent-browser' tool call (SKILL.md).
  - Boundary markers: None provided to separate external content from agent instructions.
  - Capability inventory: The skill has access to shell command execution ('infsh') and network operations via the browser tool.
  - Sanitization: No explicit sanitization or validation of the retrieved web content is mentioned.
Audit Metadata