xhs-images
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: In
SKILL.md, the workflow utilizes shell commands (e.g.,test -f) to check for the existence of its configuration file (EXTEND.md) in the project directory and the user's home directory ($HOME/.baoyu-skills/). These operations are benign and intended for preference management. - [PROMPT_INJECTION]: The skill performs content analysis and prompt generation based on user-provided input. While this creates a surface for indirect prompt injection, the risk is mitigated by mandatory confirmation checkpoints in Step 2 and Step 4, which require the user to manually verify and approve the analysis and outline before image generation occurs.
- [SAFE]: The skill reads and writes to local directories to maintain project structure and save generated assets. These file operations are restricted to the current project workspace and a dedicated skill folder in the home directory, avoiding access to sensitive system configuration files or credentials.
Audit Metadata