floracat-rednote
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates within its defined scope of generating image carousels and managing user preferences without engaging in unauthorized network activity or credential harvesting.
- [COMMAND_EXECUTION]: Low-privilege shell commands (test -f, Test-Path) are used in a documented manner to verify configuration file existence. These commands do not involve user-controlled arguments, preventing command injection.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it interpolates user data into prompts for image generation.
  - Ingestion points: Source content provided by users (text or files) during Step 1.
  - Boundary markers: The skill uses ## Content headers within the references/workflows/prompt-assembly.md template to isolate user input.
  - Capability inventory: Capabilities include writing to the local filesystem (analysis and prompt files) and invoking the $floracat-image-gen skill.
  - Sanitization: The skill relies on structural delimiters to maintain instruction integrity but does not perform character-level sanitization of user input.
Audit Metadata