daily-gift
Fail
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. 1. Ingestion points: Conversation context, user taste data, and memory files (SKILL.md). 2. Boundary markers: No explicit delimiters or instructions to ignore embedded content are mentioned. 3. Capability inventory: Execution of shell scripts, cron job scheduling, and network requests to external APIs (SKILL.md). 4. Sanitization: No evidence of sanitization or validation of the processed conversation data before it influences script parameters.
- [COMMAND_EXECUTION]: The skill utilizes shell scripts located in the scripts/ directory to manage rendering pipelines and fetch assets. It also configures a recurring cron job for persistent daily execution of its creative pipeline.
- [EXTERNAL_DOWNLOADS]: Makes network requests to external image/video generation APIs and remote asset hosting services to render content and fetch media assets.
Recommendations
- AI detected serious security threats
Audit Metadata