prompt-engineering
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE COMMAND_EXECUTION EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill requests broad permission to execute the `infsh` CLI tool via `allowed-tools: Bash(infsh *)`. This tool is the primary interface for interacting with AI models on the inference.sh platform as described in the documentation.
- [EXTERNAL_DOWNLOADS]: The skill references image assets hosted on the vendor's official domain (`cloud.inference.sh`) and suggests installing related skills from the same vendor using `npx`. These are legitimate vendor-originated resources.
- [SAFE]: No malicious patterns such as credential exfiltration, obfuscation, or unauthorized persistence were detected. The inclusion of potentially vulnerable code examples is for educational purposes within the context of security-focused prompt engineering.
Audit Metadata