ai-understanding-images

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized credential access were detected in the skill instructions or provided code examples.
  • [EXTERNAL_DOWNLOADS]: The skill instructions demonstrate how to fetch images from external URLs and use models from well-known AI services (OpenAI, Anthropic, Google). These are legitimate operations aligned with the skill's primary purpose.
  • [PROMPT_INJECTION]: The skill demonstrates several signatures that ingest untrusted external data (images and text context), which represents a surface for indirect prompt injection.
      • Ingestion points: image, context, listing_title, page_context, and image_role fields in SKILL.md and examples.md.
      • Boundary markers: Absent.
      • Capability inventory: Reading local images (PILImage.open in SKILL.md) and fetching from URLs (dspy.Image.from_url in SKILL.md). The skill does not possess high-risk capabilities such as arbitrary command execution or system modification based on AI outputs.
      • Sanitization: Absent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 06:46 PM