product-photography

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references official installation instructions and documentation hosted on the inference-sh GitHub repository.\n- [COMMAND_EXECUTION]: The skill uses the infsh CLI tool to perform image generation and manipulation tasks. These commands are restricted by the allowed-tools configuration to the specific infsh binary.\n- [REMOTE_CODE_EXECUTION]: Provides instructions to add supplementary skills using npx from the official inference-sh package registry, which is the standard method for extending the documented platform's functionality.\n- [PROMPT_INJECTION]: As an image generation utility, the skill interpolates user-supplied text into CLI prompts. While this constitutes an indirect prompt injection surface, it is the fundamental purpose of the tool and depends on the safety filters of the underlying AI models.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 02:09 AM
Security Audit — agent-trust-hub — product-photography