generate-images
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill ingests data from a project file and uses it to construct prompts for an AI image generation API.
- Ingestion points: The
IMAGE_SPEC.mdfile is parsed inscripts/generate-images.jsto extract image generation prompts. - Boundary markers: Absent. The prompts are extracted directly from the markdown structure without delimiters or instructions to ignore embedded commands.
- Capability inventory: The skill performs network requests to the Gemini API and writes binary data to the local filesystem using
fs.writeFileSync. - Sanitization: The skill implements directory traversal protection in the
safeOutPathfunction to ensure files are only written within the project directory, though it does not sanitize the text prompts themselves. - [COMMAND_EXECUTION]: The skill executes
npm installandnodescripts to manage its dependencies and perform its primary image generation function. These operations are limited to the skill's internal directory and the project's image folder. - [EXTERNAL_DOWNLOADS]: The skill downloads the
@google/genailibrary from the official npm registry. This package is maintained by a well-known service provider.
Audit Metadata