design
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill implements its core logic via Python scripts that manage searching design data, constructing AI generation requests, and rendering HTML presentations for clients.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of established libraries such as google-genai and pillow, and communicates with official Google Gemini API endpoints for its multimodal generation capabilities.
- [PROMPT_INJECTION]: The skill ingests untrusted user data (e.g., brand names, industry contexts, and design prompts) and interpolates it into instructions sent to LLMs.
- Ingestion points: User-provided command line arguments in generate.py and search.py scripts.
- Boundary markers: None identified; inputs are concatenated or formatted directly into prompt templates.
- Capability inventory: The skill has the ability to write files to the local system and execute shell commands as described in the documentation for social media image exports.
- Sanitization: Inputs used in filenames are slugified to prevent path traversal, but text used in LLM prompts is not escaped or filtered.
Audit Metadata