background-removal

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The skill explicitly instructs users to run an unverified installer script via the pattern "curl -fsSL https://cli.inference.sh | sh". This grants the owner of the inference.sh domain the ability to execute arbitrary code on the host machine.
  • EXTERNAL_DOWNLOADS (HIGH): The skill relies on and installs several unverified packages and tools from "inference.sh" and via "npx" that are not part of the trusted provider list.
  • COMMAND_EXECUTION (MEDIUM): The skill requests broad bash tool permissions ("infsh *"). Because the primary binary is installed via an insecure remote script, any subsequent execution of this tool is inherently untrustworthy.
  • PROMPT_INJECTION (LOW): Detected surface for indirect prompt injection. Evidence: 1. Ingestion points: "image_url" fields in Bash command inputs. 2. Boundary markers: Absent. 3. Capability inventory: Access to Bash subprocess via infsh. 4. Sanitization: Absent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 18, 2026, 11:00 AM
Security Audit — agent-trust-hub — background-removal