qr-code-generator

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/batch_generate.py invokes a local helper script scripts/generate_qr.py using subprocess.check_call. The implementation uses an argument list rather than a shell string, which is a secure practice to prevent shell injection vulnerabilities.
  • [PROMPT_INJECTION]: The skill processes data from user-provided CSV files, creating a surface for indirect prompt injection. \n- Ingestion points: Data is read from the CSV file specified in the --csv argument of scripts/batch_generate.py. \n- Boundary markers: The script does not use specific markers to delimit data or instructions within the processed CSV rows. \n- Capability inventory: The skill utilizes subprocess execution and file system access to generate and save images. \n- Sanitization: The helper script scripts/generate_qr.py validates URLs, but the batch script does not sanitize CSV input fields before passing them as command-line arguments.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 04:04 PM
Security Audit — agent-trust-hub — qr-code-generator