qwen-wanx-comic-gen
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill executes a local Python script using shell command interpolation:
python3 {baseDir}/scripts/gen.py --prompt "...". This pattern is highly vulnerable to command injection. If a user provides a prompt containing shell metacharacters (e.g.,;,&,|, or backticks), they could execute arbitrary commands on the underlying host. - [PROMPT_INJECTION] (HIGH): The skill exhibits a significant Indirect Prompt Injection surface (Category 8). It ingests untrusted user input (the image prompt) and passes it to a component with execution capabilities. There are no documented boundary markers, sanitization steps, or escaping mechanisms to prevent the user input from breaking out of the prompt argument.
- [EXTERNAL_DOWNLOADS] (LOW): Based on the workflow description, the script downloads generated images from remote URLs. While this is expected functionality, it involves network operations triggered by external API responses which should be handled with caution.
Recommendations
- AI detected serious security threats
Audit Metadata