Skills
skills/tul-sh/skills/qwen-image-pro/Gen Agent Trust Hub

qwen-image-pro

Fail

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides a 'Quick Start' command (curl -fsSL https://cli.inference.sh | sh) that downloads a script from a remote URL and executes it immediately. This is a dangerous pattern that allows for arbitrary code execution from a source outside of the trusted organization list.
  • [COMMAND_EXECUTION]: The skill is configured with allowed-tools: Bash(infsh *), which grants it permission to execute the infsh command with any arguments. This capability is used to interact with remote image generation models and handle local files.
  • [PROMPT_INJECTION]: The skill processes user-provided data via the prompt and negative_prompt parameters. These inputs are passed directly to the infsh tool without sanitization or clear boundary markers, creating a surface where malicious instructions embedded in user data could potentially be executed by the agent or model.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 4, 2026, 12:29 PM