Skills
skills/picsart/gen-ai-skills/dev-app-assets/Gen Agent Trust Hub

dev-app-assets

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the standard macOS/Linux utility sips for local image resizing and a specialized gen-ai CLI tool for generating assets and uploading them to Google Drive. These operations are conducted through routine shell commands and bash loops to process generated artifacts.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by interpolating untrusted user inputs (such as app names and style descriptions) directly into prompts for image generation models.
  • Ingestion points: User responses to setup questions (App name, Style direction) in SKILL.md.
  • Boundary markers: None explicitly defined; inputs are treated as prompt components.
  • Capability inventory: The skill has access to the gen-ai CLI for image generation and file storage, and sips for local file manipulation.
  • Sanitization: No input sanitization is present, which is standard for specialized creative tools where users define the visual output.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 12:52 AM
Security Audit — agent-trust-hub — dev-app-assets