image-gen
Warn
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions describe a method for executing a local Python script:
python "${CLAUDE_PLUGIN_ROOT}/scripts/generate_image.py" "프롬프트" .... By directly placing the user-provided "프롬프트" (prompt) into the shell command string, the skill creates a surface for command injection if the user input contains shell metacharacters. - [EXTERNAL_DOWNLOADS]: The skill references and integrates with services from well-known technology providers, specifically Higgsfield, fal.ai, and Google Gemini, to fulfill image generation requests.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user prompts to perform routing and tool execution, creating an indirect injection surface.
- Ingestion points: User-provided prompts entered through the agent interface as described in SKILL.md.
- Boundary markers: None; the skill does not specify the use of delimiters or instructions to ignore embedded commands in the user input.
- Capability inventory: Shell command execution for local Python scripts and access to multiple MCP tools (higgsfield.generate_image_soul, fal-ai.run_inference).
- Sanitization: No validation or sanitization of the user prompt is described before its use in scripts or tools.
Audit Metadata