58pic
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts (`search.py`, `ai_generate.py`, `download.py`, `preview.py`) to manage its core functionality.
- [EXTERNAL_DOWNLOADS]: The skill downloads images and API configuration data from the official vendor domain (`ai.58pic.com`).
- [DATA_EXPOSURE]: Sensitive API keys are stored in a local configuration file at `~/.58pic_config.json` with restricted permissions (0600), following standard security practices for secret management.
- [INDIRECT_PROMPT_INJECTION]: The skill processes JSON data from external API responses, which presents an attack surface for indirect prompt injection.
  1. Ingestion points: Data is received from `ai.58pic.com` in `search.py`, `ai_generate.py`, and `download.py`.
  2. Boundary markers: No explicit delimiters are used to wrap external content when provided to the agent.
  3. Capability inventory: The skill possesses network access (urllib.request) and file-write capabilities.
  4. Sanitization: The skill performs standard JSON parsing without additional sanitization of textual metadata (titles, descriptions) from the API. This surface is considered low risk as it originates from the vendor's own API.
Audit Metadata