Image Editing
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes shell command examples for running local image processing tools like `rembg`, `iopaint`, and `realesrgan`. These commands are intended for legitimate image manipulation tasks.
- [EXTERNAL_DOWNLOADS]: The skill suggests installing several standard Python libraries such as `diffusers`, `rembg`, and `gfpgan` from public registries. It also references well-known and trusted external services via their APIs, including OpenAI, Stability AI, and ClipDrop.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection because it processes user-supplied images and text descriptions.
  - Ingestion points: User input enters the system through images and descriptive prompts in files such as `inpainting.md`, `style-transfer.md`, and `upscaling.md`.
  - Boundary markers: There are no clear delimiters or "ignore previous instructions" safety wrappers around user-provided data.
  - Capability inventory: The skill can perform network requests (`requests.post`) and execute local scripts or CLI tools across its various modules.
  - Sanitization: No validation or sanitization logic is demonstrated for handling untrusted input strings or image file content.
Audit Metadata