book-cover-design
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends the installation of external components, specifically the
beltCLI tool from thebelt-shorganization and supplementary skills from theinference-shrepository. - [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the
beltutility to perform authentication, invoke AI models for image generation (e.g., Flux, SeaDream, Grok), and perform image upscaling. - [PROMPT_INJECTION]: The skill processes user-supplied text prompts and interpolates them into shell commands for image generation tools.
- Ingestion points: User-defined descriptions in the
promptfield of thebelt app runcommands found inSKILL.md. - Boundary markers: The input is encapsulated within a JSON object structure, though this does not fully mitigate adversarial injection.
- Capability inventory: The skill utilizes shell command execution via the
beltCLI. - Sanitization: The instructions do not provide explicit sanitization, validation, or escaping logic for the user-supplied prompt content before it is passed to the tool.
Audit Metadata