flux-image
Audited by Socket on Mar 4, 2026
1 alert found:
Malware

This skill documents using a third-party CLI (infsh) and hosted inference service to run FLUX image models. The documented behavior matches the stated purpose (remote model inference), but the install pattern (curl | sh) and transitive installation recommendations (npx skills add ...) introduce notable supply-chain risks. Data (prompts, images, LoRA URLs) is sent to external inference.sh endpoints; credentials may be collected via infsh login with no details about storage/retention. Overall, the skill is plausible and probably functional for its intended purpose, but it requires trusting the inference.sh distribution and runtime.

Recommend avoiding piped install commands without manual checksum verification, auditing the downloaded infsh binary before execution, and exercising caution when installing transitive skills via npx. For sensitive data or credentials, do not use this skill unless you trust the inference.sh operator and have verified the binary checksums and privacy policy.