baoyu-comic

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted user content (articles, tutorials) to generate image generation prompts.
  • Ingestion points: User-provided text or files are saved to source.md and processed during the analysis and storyboard phases.
  • Boundary markers: The workflow uses structured Markdown templates (e.g., references/base-prompt.md) to isolate user-derived descriptions from technical instructions.
  • Capability inventory: The agent can execute local shell commands (npx, pngquant, optipng) and perform file system operations to create images and PDF documents.
  • Sanitization: There is no explicit sanitization or filtering of input content to prevent embedded instructions from influencing the prompt generation logic.
  • [COMMAND_EXECUTION]: The skill executes shell commands to process images and generate final outputs.
  • Evidence: SKILL.md and references/workflow.md document the use of npx -y bun to run a local PDF merging script (scripts/merge-to-pdf.ts) and a sibling image generation skill. It also utilizes system tools like pngquant, optipng, and sips for image compression.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx, which may download Node.js packages or runtimes if they are not pre-installed in the environment.
  • Evidence: Execution of npx -y bun in SKILL.md and references to the pdf-lib package in scripts/merge-to-pdf.ts.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 25, 2026, 03:07 PM
Security Audit — agent-trust-hub — baoyu-comic