adobe-create-social-variations
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes bash commands to retrieve file metadata, specifically file size and MIME types, for user-uploaded assets. This is a standard procedure for file handling within the skill's environment.
- [DATA_EXFILTRATION]: The skill programmatically uploads user-provided assets to Adobe Creative Cloud services if network egress is enabled. This behavior is consistent with the skill's documented purpose and its 'adobe' authorship, representing expected vendor functionality.
- [PROMPT_INJECTION]: The skill accepts user-supplied text to guide the focus strategy of image processing tools (e.g., through a prompt for subject-aware cropping). This creates an attack surface for indirect prompt injection.
  - Ingestion points: User-provided descriptions for image subjects and uploaded media files in SKILL.md.
  - Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands for the interpolated user input.
  - Capability inventory: The skill has access to file system metadata via bash, programmatic network upload capabilities to Adobe services, and generative image processing tools.
  - Sanitization: There is no mention of sanitization or validation for the user-provided focus descriptions before they are used in tool calls.