flux-image
Fail
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The documentation contains the command `curl -fsSL https://cli.inference.sh | sh`. This downloads and executes a script from a remote server without verification, presenting a significant security risk if the source or connection is compromised.
- [EXTERNAL_DOWNLOADS]: The skill downloads a binary CLI tool from `dist.inference.sh` during the installation phase.
- [COMMAND_EXECUTION]: The skill requires the `Bash` tool to run the `infsh` command for image generation and system interaction.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its image generation interface.
  - Ingestion points: Untrusted data enters via the `prompt` and `image_url` fields in the JSON input to the `infsh` command.
  - Boundary markers: No markers are used to separate user-provided content from instructions.
  - Capability inventory: The skill can execute shell commands via `Bash(infsh *)` and perform network operations.
  - Sanitization: No input validation or escaping is applied to the data before it is passed to the shell.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata