llm-models
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute the infsh CLI. This is the intended functionality and is restricted to the specific vendor utility, following the principle of least privilege.
- [EXTERNAL_DOWNLOADS]: The documentation mentions installing additional components via npx. These resources originate from the vendor's own verified ecosystem (inference-sh), and installing them this way is the standard procedure for this platform.
- [PROMPT_INJECTION]: The skill interfaces with LLMs, which inherently involves processing untrusted user input via the --input flag. This represents a known surface for indirect prompt injection, but it is the primary purpose of the skill and is managed by the model provider's safety filters.
Audit Metadata