image-upscaling
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the
belt-sh/clitool usingnpxand references installation instructions hosted on GitHub (raw.githubusercontent.com/inference-sh/skills). These are recognized resources for the service provided. - [COMMAND_EXECUTION]: The skill uses shell commands (
belt app run) to execute image upscaling and generation tasks on remote AI providers. The tool access is restricted to thebeltcommand via the skill's allowed-tools configuration. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface.
- Ingestion points: Untrusted data enters via the
image_urlandpromptparameters in shell commands withinSKILL.md. - Boundary markers: Absent; no delimiters or warnings are used to separate untrusted data.
- Capability inventory: The skill uses
belt app runto execute remote applications via shell commands inSKILL.md. - Sanitization: Absent; input is interpolated directly into the command strings without explicit validation.
Audit Metadata