baoyu-comic
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted user content (articles, tutorials) to generate image generation prompts.
- Ingestion points: User-provided text or files are saved to
source.mdand processed during the analysis and storyboard phases. - Boundary markers: The workflow uses structured Markdown templates (e.g.,
references/base-prompt.md) to isolate user-derived descriptions from technical instructions. - Capability inventory: The agent can execute local shell commands (
npx,pngquant,optipng) and perform file system operations to create images and PDF documents. - Sanitization: There is no explicit sanitization or filtering of input content to prevent embedded instructions from influencing the prompt generation logic.
- [COMMAND_EXECUTION]: The skill executes shell commands to process images and generate final outputs.
- Evidence:
SKILL.mdandreferences/workflow.mddocument the use ofnpx -y bunto run a local PDF merging script (scripts/merge-to-pdf.ts) and a sibling image generation skill. It also utilizes system tools likepngquant,optipng, andsipsfor image compression. - [EXTERNAL_DOWNLOADS]: The skill uses
npx, which may download Node.js packages or runtimes if they are not pre-installed in the environment. - Evidence: Execution of
npx -y buninSKILL.mdand references to thepdf-libpackage inscripts/merge-to-pdf.ts.
Audit Metadata