image-studio
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute shell commands via local Python scripts using absolute paths tied to the author's environment (e.g., C:\Users\renat\skills).
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface.
  - Ingestion points: Untrusted user-provided image prompts (e.g., 'crie uma imagem de X').
  - Boundary markers: None present to distinguish user input from instructions.
  - Capability inventory: Shell execution of Python scripts via the terminal.
  - Sanitization: No instructions are provided for the agent to escape or validate user input before shell interpolation.
Audit Metadata