gemini-image
Warn
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill transmits user data and authentication tokens to an external API at
api.apicore.ai. This service is not on the whitelisted domains or recognized as a well-known service. - [COMMAND_EXECUTION]: Employs the
curlutility to execute HTTP POST requests for image generation. - [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection.
- Ingestion points: It takes user-provided descriptions and image URLs directly from the agent context in
SKILL.md. - Boundary markers: It lacks explicit boundary markers or instructions for the agent to ignore control commands embedded in the user-provided prompt or image URLs.
- Capability inventory: The skill has the capability to perform network requests via
curlacross the provided scripts. - Sanitization: There is no evidence of sanitization, validation, or escaping of the external content before it is interpolated into the API call.
Audit Metadata