ai-image-generation

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE · EXTERNAL_DOWNLOADS · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references official installation instructions and additional skills from the inference-sh GitHub organization. These are legitimate resources belonging to the vendor ecosystem.
  • [COMMAND_EXECUTION]: Instructs the agent to use the 'belt' CLI tool for logging in and running AI applications. These commands are necessary for the skill's documented functionality.
  • [PROMPT_INJECTION]: The skill ingests user-supplied text for image generation prompts, which represents an indirect prompt injection surface.
      • Ingestion points: User prompts in the JSON payload of the 'belt app run' command (SKILL.md).
      • Boundary markers: The input is bounded by JSON structure, but no explicit 'ignore embedded instructions' markers are included in the prompt template.
      • Capability inventory: Uses the 'belt' CLI to execute remote AI image applications based on user input.
      • Sanitization: No sanitization or input validation for the prompt text is performed by the skill.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 01:02 PM
Security Audit — agent-trust-hub — ai-image-generation