image-upscaling

Pass

Audited by Gen Agent Trust Hub on Jul 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references installation instructions located at https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md. This points to an external repository not managed by the skill author or a known trusted organization.
  • [COMMAND_EXECUTION]: The skill relies on the belt CLI tool for its primary functions, including authentication (belt login) and executing inference apps (belt app run). The execution environment is restricted to the belt command space via the allowed-tools configuration in the frontmatter.
  • [PROMPT_INJECTION]: The skill processes images from external URLs provided in the image_url parameter. This creates a surface for indirect prompt injection, where an attacker could embed malicious text or instructions within a low-resolution image that, once upscaled and analyzed by the agent, could attempt to influence agent behavior.
  • Ingestion points: image_url parameter in belt app run commands (SKILL.md).
  • Boundary markers: None present in the instructions to warn the agent about embedded content.
  • Capability inventory: Bash(belt *) tool access allows for tool-specific operations.
  • Sanitization: No explicit sanitization or filtering of image content is described before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 12, 2026, 11:43 AM