lovstudio-image-creator

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The gen_image.py script automatically installs the Pillow and google-genai Python packages from the standard package registry using pip if they are not already present on the user's system.
  • [DATA_EXFILTRATION]: The skill transmits user prompts and retrieves image data through a third-party API endpoint (https://zenmux.ai/api/vertex-ai) which acts as a proxy for the underlying AI models.
  • [PROMPT_INJECTION]: The 'Code-Based Rendering' mechanism creates a vulnerability surface for indirect prompt injection.
      • Ingestion points: User-provided descriptions are used to generate self-contained HTML and React code in SKILL.md.
      • Boundary markers: The template provided for HTML generation does not include delimiters or instructions to the agent to disregard potential instructions embedded in the user's data.
      • Capability inventory: The generated HTML is executed locally using Playwright in scripts/render_to_png.py, which operates in a browser context with access to the local file system via the file:// protocol. The skill additionally possesses Bash and Write capabilities.
      • Sanitization: No validation or escaping of user-provided content is implemented before it is interpolated into the HTML/JavaScript code for rendering.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 12:18 PM