image-extend

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill uses the agent-media CLI to process images. Parameters such as --in, --color, and --out are interpolated into a shell command. There is no evidence of sanitization or escaping, which could allow an attacker to perform command injection if the agent processes untrusted input strings.
  • EXTERNAL_DOWNLOADS (MEDIUM): The --in parameter allows fetching data from arbitrary URLs. This exposes the environment to untrusted external content and potential server-side request forgery (SSRF) or exploitation of vulnerabilities in the image processing library (Sharp).
  • INDIRECT_PROMPT_INJECTION (LOW): The skill ingests untrusted data from external URLs.
      1. Ingestion points: The --in flag in SKILL.md accepts URLs.
      2. Boundary markers: None present.
      3. Capability inventory: Subprocess execution of agent-media and file system writes via --out.
      4. Sanitization: None documented for the input URL or metadata.
    The risk is assessed as LOW because the tool performs a deterministic image transformation rather than feeding content back into an LLM for decision-making.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 02:29 AM