baoyu-xhs-images
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands such as `test -f` and `echo` to locate and manage configuration files in the user's home directory.
- [EXTERNAL_DOWNLOADS]: Documentation within the skill suggests the use of `npx`, which may download packages from the npm registry if they are not already available in the local environment.
- [PROMPT_INJECTION]: The skill processes untrusted user-provided content to generate analysis and image prompts, making it susceptible to indirect prompt injection.
  - Ingestion points: User-provided article files or pasted text saved to `source.md` and `source-{slug}.{ext}`.
  - Boundary markers: The prompt assembly process lacks explicit delimiters or instructions to ignore embedded commands within the source text.
  - Capability inventory: The skill performs multiple file writes (`analysis.md`, `outline.md`, `prompts/*.md`) and coordinates image generation via local scripts.
  - Sanitization: No input validation or sanitization mechanisms are implemented for the source material before it is interpolated into prompts.
Audit Metadata