fal-recipes
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill acts as an instructional layer for using the official genmedia CLI to interact with fal.ai endpoints. All tool invocations and references are consistent with the skill's stated purpose of facilitating media production.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it facilitates the incorporation of untrusted user-provided content into generation prompts and CLI commands.
- Ingestion points: User-provided text inputs, images, and audio references across all files in the references directory.
- Boundary markers: Absent; the prompt templates do not include specific delimiters or instructions to ignore embedded commands.
- Capability inventory: Execution of shell commands via the genmedia CLI for model runs, uploads, and status checks.
- Sanitization: None specified; the skill relies on the underlying platform's safety guardrails.
Audit Metadata