logo-batch-generator
Fail
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE]: A hardcoded Google Gemini API key (AIzaSyDvvGGRbH4Os3Er0dYi0kE_AzE3_2b_Az8) is present in SKILL.md within the Phase 3 command example and the API configuration table, exposing the author's credentials to any user.
- [COMMAND_EXECUTION]: The skill generates shell commands for image generation using user-provided brand descriptions without input validation or sanitization, which could lead to command injection if malicious strings are provided.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of untrusted data from user descriptions and uploaded images.
  - Ingestion points: Phase 1 (SKILL.md) ingests user descriptions and image analysis results.
  - Boundary markers: None present.
  - Capability inventory: Shell command execution via python3 scripts/generate_image.py.
  - Sanitization: None present.
- [DATA_EXFILTRATION]: The instructions in SKILL.md reveal absolute system paths (e.g., /Users/ugreen/Documents/obsidian/09image/), exposing the internal directory structure and host username.
Recommendations
- AI detected serious security threats