ai-product-photography

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references an installation guide and related modules from the vendor's own GitHub organization and domain (inference-sh). These are official resources used for the intended functionality of the skill.
  • [COMMAND_EXECUTION]: The skill makes use of the infsh CLI tool via shell commands. These commands are constrained to the vendor's platform for generating images and perform no unauthorized or suspicious operations.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection in its 'Batch Generation' section, where user-supplied product descriptions are interpolated into shell command strings.
      • Ingestion points: User-provided strings for product names and angles in SKILL.md.
      • Boundary markers: None explicitly defined in the provided examples.
      • Capability inventory: Execution is restricted to the infsh command as defined in the allowed-tools metadata.
      • Sanitization: No explicit sanitization or escaping is shown in the examples, but the limited scope of the allowed tool significantly reduces the risk of malicious exploitation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 06:35 PM