generating-images

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill instructs the agent to gather context from the user's workspace, including reading existing images, stylesheets, and configuration files. This is intended to ensure generated images match the project's brand but creates an architectural surface for indirect prompt injection if those files contain malicious instructions.
  • Ingestion points: Local project files including MDX/Markdown, CSS, tailwind configuration, and existing image assets as described in SKILL.md.
  • Boundary markers: No specific delimiters or safety instructions are defined to separate workspace content from the generation prompt.
  • Capability inventory: Execution of a local Python script (scripts/generate_image.py), outbound network requests to the OpenAI API, and the ability to modify project code files to integrate the generated assets.
  • Sanitization: No explicit sanitization or validation of the ingested workspace data is performed before prompt construction.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 25, 2026, 06:57 AM