ai-baoyu-compress-image

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The provided Python script scripts/run.py is designed to execute requests against the AI Skills platform API at ai-skills.ai. It handles authentication via environment variables, manages asynchronous job polling, and implements standard SSL certificate verification using the certifi library when available.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from users through several input fields (materialText, materialUrl, materialFile), creating a surface for indirect prompt injection where malicious instructions could be embedded in the processed content.
  • Ingestion points: Inputs are accepted via the materialText, materialUrl, and materialFile parameters as defined in references/form-schema.json.
  • Boundary markers: The provided files do not show explicit delimiters or "ignore previous instructions" guards in the prompt templates.
  • Capability inventory: The skill's capabilities are limited to performing network requests to the authorized platform domain (ai-skills.ai) via the runner script; no local file system modifications or arbitrary code execution capabilities were found.
  • Sanitization: There is no evidence of client-side sanitization or filtering of external content before it is sent to the API service.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-baoyu-compress-image