baoyu-comic
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user-provided content to generate comic storyboards and prompts, which could be exploited for indirect prompt injection attacks.\n
- Ingestion points: External text is read from user-specified file paths or direct text input (saved to
source.md).\n - Boundary markers: While the skill uses markdown templates, it does not employ explicit delimiters or system instructions to ignore potential commands within the user data.\n
- Capability inventory: The skill is capable of writing files to the disk, executing local TypeScript scripts, and calling other agent tools for image generation.\n
- Sanitization: No validation or escaping is applied to the input source content prior to processing by the language model.\n- [COMMAND_EXECUTION]: The skill executes local scripts and utility commands to manage configuration and process comic assets.\n
- Evidence: It runs
scripts/merge-to-pdf.tsvia thebunornpxruntime to generate the final PDF output.\n - Evidence: It invokes shell commands such as
test -ffor file detection andsipsorpngquantfor image compression and conversion.
Audit Metadata