remix-graphic-ad-from-reference

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or vulnerabilities were identified. The skill's operations are consistent with its stated purpose of automated graphic design.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes external images, brand kits, and user-supplied copy. However, this is mitigated by the use of structured templates and specialized models.\n
  • Ingestion points: 'reference_image', 'product', 'brand', and 'copy_changes' inputs (SKILL.md).\n
  • Boundary markers: The skill uses a template-based approach with 'remix_spec' and '{{placeholders}}' to isolate instructions from data (SKILL.md).\n
  • Capability inventory: Subprocess execution of Python/Node scripts, file system writes to local directories, and network calls to the FAL AI API.\n
  • Sanitization: Content generation is constrained by the underlying image models and HTML renderer.\n- [COMMAND_EXECUTION]: The skill executes local Python scripts and Node.js tools for image manipulation. These operations are part of the core functionality and directed at local project assets.\n- [EXTERNAL_DOWNLOADS]: The skill interacts with the FAL AI service and Google Fonts. Both are well-known technology providers.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — remix-graphic-ad-from-reference