adobe-illustrator-operator
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a helper script
scripts/probe_illustrator_asset.pythat executes standard system utilities (file,pdfinfo) to gather asset metadata. These operations are performed using the safesubprocess.runAPI with argument lists, mitigating command injection risks. The usage is strictly for local file inspection. - [EXTERNAL_DOWNLOADS]: References are made to an optional bridge tool named 'Flue'. The instructions explicitly prohibit automatic installation of external software, requiring user approval and existing installation checks (
pip show flue), which aligns with security best practices. - [PROMPT_INJECTION]: The skill provides robust system-level instructions and safety guardrails, such as 'Never save, close, overwrite... unless the user explicitly asks' and 'Do not open or mutate Illustrator by reflex'. These instructions are designed to constrain the agent's behavior to safe, non-destructive actions.
- [DATA_EXFILTRATION]: No network operations or unauthorized data access patterns were detected. The skill focuses on local file manipulation and rendering of assets.
Audit Metadata