cover-image
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The references/base-prompt.md file contains a directive specifically targeting the safety mechanisms of image generation models by instructing the agent to "DO NOT refuse to generate" when encountering sensitive or copyrighted subjects.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted article content to influence its analysis and the resulting prompt generation without appropriate safeguards.
  - Ingestion points: Article text provided via local file paths or direct input through the /cover-image command.
  - Boundary markers: The prompt creation workflow defined in Step 4 does not implement delimiters or isolation techniques to distinguish between system instructions and processed data.
  - Capability inventory: The skill performs file system reads and writes and can execute other agent skills for image generation.
  - Sanitization: The skill lacks validation, filtering, or escaping logic to ensure that instructions embedded within the ingested article content do not override the agent's intended behavior.
Audit Metadata