image-edit
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of the 'agent-media' command-line tool. This CLI is an author-provided resource (agntswrm) used to interface with external image editing services.
- [PROMPT_INJECTION]: The skill definition identifies an attack surface for indirect prompt injection, as it ingests untrusted external data that is processed by a downstream AI model.
  - Ingestion points: External data enters via the '--in' parameter (supporting remote URLs) and the '--prompt' parameter (supporting arbitrary user-provided text).
  - Boundary markers: No delimiters or instructions to ignore embedded commands are present in the command template.
  - Capability inventory: The skill executes the 'agent-media' subprocess which performs network operations to external providers (fal, replicate, runpod, ai-gateway) and handles file system output.
  - Sanitization: No validation, escaping, or filtering of the input parameters is defined within the skill's instructions.
Audit Metadata