god-tibo-imagen
Warn
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill is designed to read the file
~/.codex/auth.jsonto reuse existing session tokens from the Codex CLI. Accessing sensitive local credential files is a significant security risk as these tokens could be exfiltrated if the skill or its dependencies are compromised. - [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
god-tibo-imagenpackage from both the npm registry and PyPI. Additionally, it references a remote repositoryhttps://github.com/akillness/jeo-skillsas a source for adding the skill to an agent environment. - [COMMAND_EXECUTION]: The skill requests
Bashtool permissions and relies on executing CLI commands likegtiand package managers. Executing arbitrary commands via the shell introduces a broad attack surface and potential for privilege escalation. - [PROMPT_INJECTION]: The skill processes untrusted input through text prompts and reference images, creating an attack surface for indirect prompt injection.
- Ingestion points: User-provided strings via the
--promptflag and local files via the--inputflag. - Boundary markers: None identified; user-provided data is interpolated directly into generation requests without explicit delimiters or instructions to ignore embedded commands.
- Capability inventory: The skill has access to file writes (
Write), network requests (WebFetch), and shell execution (Bash). - Sanitization: There is no evidence of input validation, escaping, or filtering of the content provided in prompts or image metadata.
Audit Metadata