pollinations
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- Data Exposure & Exfiltration (LOW): The skill's scripts (chat.sh, image.sh, tts.sh) make network requests to gen.pollinations.ai. While this domain is not listed as a Trusted External Source, the communication is strictly for the purpose of interacting with the service's API endpoints as documented. No sensitive local file access or exfiltration of credentials was detected.
- Indirect Prompt Injection (LOW): The skill processes user-supplied text to drive AI generation, creating a surface where malicious instructions could potentially influence downstream agent actions if the output is used in high-privilege contexts.
  * Ingestion points: Ingests user prompts as command-line arguments in all provided scripts.
  * Boundary markers: No clear delimiters are used; prompts are interpolated directly into API payloads.
  * Capability inventory: Scripts utilize curl for network access and write binary data (images, video, audio) to the local filesystem.
  * Sanitization: Employs jq and URL encoding, which effectively prevent shell-level command injection but do not sanitize the semantic content of the prompts themselves.
Audit Metadata