Skills
skills/agairola/fuel-pricing-skill/frame-tv/Gen Agent Trust Hub

frame-tv

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses dynamic context injection (!command) in SKILL.md to execute shell commands when the skill is loaded. These commands are used for 'Setup Status' to verify if the uv tool is installed and if the GEMINI_API_KEY is configured in the environment or specific hidden configuration files.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted user data that is then used to construct requests for an AI image generation model.
  • Ingestion points: The --prompt and --input-image arguments in scripts/frame_tv_art.py allow users to provide text and images.
  • Boundary markers: Absent. User prompts are directly concatenated with hardcoded strings (e.g., '. High resolution, museum-quality artwork...') without using delimiters or instructions to ignore embedded commands.
  • Capability inventory: The associated script scripts/frame_tv_art.py can read local files, perform network operations (via the Google Gemini API), and write files to the local filesystem.
  • Sanitization: No validation or sanitization is performed on the user-provided prompt text before it is interpolated into the final API request.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 01:33 AM