meme-generation

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script fetches meme template metadata from api.imgflip.com and downloads template images from i.imgflip.com. These are well-known services for meme-related content.
  • [COMMAND_EXECUTION]: The skill executes a local Python script (generate_meme.py) to handle image processing and text rendering.
  • [PROMPT_INJECTION]: The skill processes user-supplied captions to generate memes. It optionally uses a vision model to verify the output, which introduces a surface for indirect prompt injection where text rendered into the image could attempt to influence the vision model's evaluation.
  • Ingestion points: User-provided captions in SKILL.md and generate_meme.py.
  • Boundary markers: None present for the text overlay.
  • Capability inventory: Local file writes (/tmp/meme.png), network reads (Imgflip), and vision analysis (vision_analyze).
  • Sanitization: No specific sanitization of caption text before rendering.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 01:44 PM
Security Audit — agent-trust-hub — meme-generation