ai-image-generation
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs users to run shell commands using the
beltCLI, such asbelt login,belt app run, andbelt app store. These commands are standard operations for authenticating with the platform and executing image generation models.\n- [EXTERNAL_DOWNLOADS]: The skill references external configuration and installation guides from theinference-shGitHub repository and theinference.shwebsite. These links are provided to assist the user with setting up the required command-line environment and are considered neutral references to the service's official documentation.\n- [PROMPT_INJECTION]: The skill processes user-provided prompts that are interpolated into shell commands. Although this represents an attack surface for indirect prompt injection, the risk is mitigated by the following factors:\n - Ingestion points: Prompt values inside the
--inputJSON argument inSKILL.md.\n - Boundary markers: User prompts are encapsulated within a structured JSON string literal, which helps maintain data separation.\n
- Capability inventory: The skill uses the
Bashtool to executebeltcommands, which is the primary intended functionality.\n - Sanitization: The skill relies on the
beltCLI to handle and sanitize the provided JSON input before processing it through generative models.
Audit Metadata