image-upscaling
Pass
Audited by Gen Agent Trust Hub on Jul 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references installation instructions located at
https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md. This points to an external repository not managed by the skill author or a known trusted organization. - [COMMAND_EXECUTION]: The skill relies on the
beltCLI tool for its primary functions, including authentication (belt login) and executing inference apps (belt app run). The execution environment is restricted to thebeltcommand space via theallowed-toolsconfiguration in the frontmatter. - [PROMPT_INJECTION]: The skill processes images from external URLs provided in the
image_urlparameter. This creates a surface for indirect prompt injection, where an attacker could embed malicious text or instructions within a low-resolution image that, once upscaled and analyzed by the agent, could attempt to influence agent behavior. - Ingestion points:
image_urlparameter inbelt app runcommands (SKILL.md). - Boundary markers: None present in the instructions to warn the agent about embedded content.
- Capability inventory:
Bash(belt *)tool access allows for tool-specific operations. - Sanitization: No explicit sanitization or filtering of image content is described before processing.
Audit Metadata