happy-dreamina
Fail
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill includes instructions to download and execute an installation script from the official vendor domain (https://jimeng.jianying.com/cli | bash) when the CLI is not found during preflight checks. This is the official installation method provided by the service vendor.
- [COMMAND_EXECUTION]: The skill operates by executing shell commands using the dreamina CLI binary for authentication, credit checks, and content generation subcommands.
- [EXTERNAL_DOWNLOADS]: Fetches installation scripts and configuration resources from the jimeng.jianying.com domain.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by passing user-supplied strings directly into CLI command arguments.
  - Ingestion points: User-provided descriptions are mapped to the --prompt argument in generation commands within SKILL.md.
  - Boundary markers: The instructions specify wrapping prompts in double quotes to mitigate shell metacharacter interference.
  - Capability inventory: The skill has capabilities to execute shell commands and access the local filesystem through the installation process and CLI operations.
  - Sanitization: There is no explicit filtering or sanitization of the user input strings before they are interpolated into the shell commands.
Recommendations
- HIGH: Downloads and executes remote code from: https://jimeng.jianying.com/cli - DO NOT USE without thorough review
Audit Metadata