Skills
skills/skills-shell/skills/p-image/Gen Agent Trust Hub

p-image

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references installation instructions and documentation hosted on GitHub (raw.githubusercontent.com/inference-sh/) and the platform's official site (inference.sh). These are well-known or platform-specific sources intended for skill setup.
  • [COMMAND_EXECUTION]: The skill utilizes the belt CLI tool (restricted via Bash(belt *)) to interact with remote image generation applications. Commands like belt login and belt app run are standard for the platform's operation.
  • [DATA_EXFILTRATION]: User-provided text prompts and image URLs are sent to the inference.sh platform for processing. This is the core functionality of the skill and is documented as the intended data flow.
  • [INDIRECT_PROMPT_INJECTION]: The skill defines an attack surface by accepting external data such as image URLs and user-defined prompts. These inputs are interpolated into CLI commands (e.g., --input '{"prompt": "..."}'). While no specific sanitization is mentioned in the markdown, the use of JSON-structured input for the CLI provides a basic boundary.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:46 PM
Security Audit — agent-trust-hub — p-image