qr-code-generator
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/batch_generate.pyinvokes a local helper scriptscripts/generate_qr.pyusingsubprocess.check_call. The implementation uses an argument list rather than a shell string, which is a secure practice to prevent shell injection vulnerabilities. - [PROMPT_INJECTION]: The skill processes data from user-provided CSV files, creating a surface for indirect prompt injection. \n- Ingestion points: Data is read from the CSV file specified in the
--csvargument ofscripts/batch_generate.py. \n- Boundary markers: The script does not use specific markers to delimit data or instructions within the processed CSV rows. \n- Capability inventory: The skill utilizes subprocess execution and file system access to generate and save images. \n- Sanitization: The helper scriptscripts/generate_qr.pyvalidates URLs, but the batch script does not sanitize CSV input fields before passing them as command-line arguments.
Audit Metadata