nanoppt
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the execution of a local Python script (
scripts/generate.py) to manage image generation and editing workflows. - [DATA_EXFILTRATION]: The
scripts/generate.pyscript accesses sensitive configuration data, including an authentication token and service URL, from~/.rebyte.ai/auth.json. This data is used to authorize network requests to the vendor's image generation API. This behavior is documented as standard functionality for the 'rebyteai' platform. - [PROMPT_INJECTION]: The skill processes external article content to create ASCII frameworks and prompts for AI image generation, which introduces an indirect prompt injection surface. Malicious content within a processed article could attempt to influence the agent's generation behavior.
- Ingestion points: External article content provided by the user in the 'Article to ASCII Framework' step.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the workflow.
- Capability inventory: The skill can execute local Python scripts that perform network POST requests and write files to the local disk.
- Sanitization: The skill does not perform sanitization or validation of the input article text before processing it into image prompts.
Audit Metadata