ima-skill
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands and local helper scripts (
node,python3,curl,iconv) to perform API interactions, validate file metadata, and ensure correct text encoding before transmission. - [DATA_EXFILTRATION]: The skill is designed to read user-provided API credentials from environment variables or local configuration files (
~/.config/ima/) to authenticate requests sent to the official IMA API endpoint atima.qq.com. - [PROMPT_INJECTION]: The skill features a surface for indirect prompt injection as it can fetch and process content from external URLs and user-uploaded files; however, it includes instructions to filter sensitive content and requires explicit user confirmation for potentially destructive operations like appending to existing notes.
Audit Metadata