sn-da-image-caption

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The scripts/caption.py script transmits image data to the OpenAI API endpoint (https://api.openai.com/v1). This is the intended primary purpose of the skill and targets a well-known service.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted image content that may contain adversarial instructions intended to influence the agent during the parsing or visualization stages.
      • Ingestion points: Ingests various image formats (.png, .jpg, .jpeg, etc.) and user-defined prompts via CLI arguments.
      • Boundary markers: None identified in the prompt templates within scripts/caption.py to separate instructions from image content.
      • Capability inventory: The skill uses subprocess.run to execute Python scripts, writes files to the local directory (cache), and generates visualizations/Excel exports.
      • Sanitization: The parse_markdown_table function in SKILL.md parses data based on structure but does not filter for embedded natural language instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 10, 2026, 02:55 PM