Skills
skills/zephyrwang6/write-skill/article-batch-illustration/Gen Agent Trust Hub

article-batch-illustration

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script, scripts/generate_image.py, to handle image generation via the Gemini API. This execution is a core part of the skill's functional workflow.
  • [PROMPT_INJECTION]: The skill processes external article content to generate image prompts, creating a surface for indirect prompt injection (Category 8). Malicious instructions within an article could theoretically influence the generated prompts.
  • Ingestion points: Article text is read from the local file system or the active workspace via SKILL.md.
  • Boundary markers: There are no explicit delimiters or safety warnings to ignore instructions embedded within the processed article content.
  • Capability inventory: The skill can execute local scripts and write files to the local file system.
  • Sanitization: The skill does not perform sanitization on the article text before including it in the prompt generation process.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 5, 2026, 07:35 AM