bx-image
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents the 'bx-image' module, which is an official resource provided by the author 'ortus-boxlang'.
- [COMMAND_EXECUTION]: Instructions include the use of 'box install' and 'install-bx-module' for package management, which are standard for the BoxLang ecosystem.
- [EXTERNAL_DOWNLOADS]: The 'ImageRead' function is documented to support fetching images from remote URLs. This is an intended feature for image processing workflows.
- [PROMPT_INJECTION]: Indirect surface: The skill includes functionality to process external data via 'ImageRead' which may contain untrusted metadata.
- Ingestion points: 'ImageRead' accepts external URLs and file paths in SKILL.md.
- Boundary markers: Absent; no specific instructions are provided to ignore data within image headers or metadata.
- Capability inventory: Network read, file system read/write in SKILL.md.
- Sanitization: Absent; the skill does not demonstrate validation of image content or metadata before processing.
Audit Metadata