ai-baoyu-compress-image
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The provided Python script
scripts/run.pyis designed to execute requests against the AI Skills platform API atai-skills.ai. It handles authentication via environment variables, manages asynchronous job polling, and implements standard SSL certificate verification using thecertifilibrary when available. - [PROMPT_INJECTION]: The skill ingests untrusted data from users through several input fields (
materialText,materialUrl,materialFile), creating a surface for indirect prompt injection where malicious instructions could be embedded in the processed content. - Ingestion points: Inputs are accepted via the
materialText,materialUrl, andmaterialFileparameters as defined inreferences/form-schema.json. - Boundary markers: The provided files do not show explicit delimiters or "ignore previous instructions" guards in the prompt templates.
- Capability inventory: The skill's capabilities are limited to performing network requests to the authorized platform domain (
ai-skills.ai) via the runner script; no local file system modifications or arbitrary code execution capabilities were found. - Sanitization: There is no evidence of client-side sanitization or filtering of external content before it is sent to the API service.
Audit Metadata