immich
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to load environment variables and execute API requests. Evidence includes the use of
sourcefor configuration files andcurlfor interacting with REST endpoints. - [PROMPT_INJECTION]: The skill processes data from the Immich API (such as photo metadata and album lists), which presents an attack surface for indirect prompt injection. There are no boundary markers or explicit sanitization steps defined for handling these API responses.
- [DATA_EXFILTRATION]: The skill communicates with non-whitelisted network destinations, specifically the IP address 100.120.242.29 and the domain tootie.tv. These operations are part of the skill's primary function to connect to a self-hosted server.
Audit Metadata