ai-image-generation

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the 'belt' CLI tool to perform image generation and model interaction tasks. Execution is scoped using the 'allowed-tools' frontmatter configuration, which restricts the agent to authorized 'belt' subcommands.
  • [EXTERNAL_DOWNLOADS]: The skill references external resources for installation and documentation, including the 'belt-sh/cli' package and installation guides hosted on GitHub by the service provider (inference-sh). These resources are central to the skill's intended functionality for cloud-based AI inference.
  • [PROMPT_INJECTION]: The skill processes user-supplied strings as image generation prompts within a JSON structure.
      * Ingestion points: User prompts are interpolated into the '--input' argument of 'belt app run' (SKILL.md).
      * Boundary markers: Prompts are encapsulated within a JSON object, though no explicit instructions are provided to ignore embedded commands.
      * Capability inventory: The skill utilizes subprocess execution for the 'belt' CLI to perform network-based image generation.
      * Sanitization: No explicit sanitization or filtering of prompt content is performed within the skill instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 19, 2026, 02:15 AM