infographic-generator
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands (
test -f) to check for configuration files (EXTEND.md) in the project directory and the user's home directory. It also specifies logic for file management and backups, including renaming existing analysis and image files using timestamped suffixes. - [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection (Category 8) as it is designed to ingest external data and incorporate it into prompts for downstream image generation tools. The requirement to preserve data 'verbatim' increases the risk that malicious instructions in the source content could influence the agent's behavior.
- Ingestion points: User-provided content passed via file paths or pasted directly into the agent (referenced in Step 1.2).
- Boundary markers: No explicit delimiters or warnings to ignore embedded instructions are implemented in the prompt generation logic.
- Capability inventory: The skill writes multiple files to the local system (
analysis.md,structured-content.md,prompts/infographic.md) and invokes an external image generation skill (Step 6). - Sanitization: The instructions explicitly state to 'preserve all source data verbatim', indicating a lack of content filtering or sanitization before interpolation into the final prompt.
Audit Metadata