multimodal-gen
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The scripts `generate_image.py`, `generate_video.py`, and `prompt_optimizer.py` execute the local system command `pass api/xingjiabiapi` via `subprocess.run` to retrieve authentication credentials from the password manager.
- [COMMAND_EXECUTION]: The `generate.py` wrapper script dynamically orchestrates the content generation workflow by executing internal Python scripts (`prompt_optimizer.py`, `generate_image.py`, `generate_video.py`) using `subprocess.run` with arguments derived from user input.
- [EXTERNAL_DOWNLOADS]: The skill downloads resulting image and video files from remote URLs, including the `s3.ffire.cc` domain, using `requests.get` after content generation is completed by the external service.
- [DATA_EXFILTRATION]: User-provided prompts and the retrieved API key are transmitted to the external API endpoint `https://xingjiabiapi.com/v1` to perform requested tasks.
- [PROMPT_INJECTION]: The skill ingests untrusted user input as generation prompts and interpolates them directly into API payloads and internal command execution calls without robust boundary markers or sanitization, creating a surface for indirect prompt injection.
Audit Metadata