gemini-3-image-generation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The scripts scripts/edit-image.py and scripts/generate-image.py accept direct user input and pass it to the generative model without implementing sanitization or boundary markers. This exposes the agent to prompt injection attacks where a user might attempt to bypass safety filters or manipulate model behavior.
  • Indirect Prompt Injection (LOW): In scripts/grounded-gen.py and scripts/generate-image.py, the skill enables the google_search_retrieval tool, which retrieves data from the live web to ground image generation. This introduces a surface for indirect prompt injection from malicious external content.
      • Ingestion points: Data retrieved via google_search_retrieval in scripts/grounded-gen.py and scripts/generate-image.py.
      • Boundary markers: Not present in the implementation.
      • Capability inventory: The scripts possess file-write capabilities (open().write()) to save generated images to the local filesystem.
      • Sanitization: There is no evidence of sanitization or validation of the content retrieved from search results before it is processed by the model.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:08 PM