ads-photoshoot
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (~/.claude/skills/ads/scripts/generate_image.py) to perform image generation based on user-provided parameters (File: SKILL.md).\n- [COMMAND_EXECUTION]: An inline Python command (python3 -c) is used to programmatically verify that required environment variables for various image providers are configured (File: SKILL.md).\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through external data ingestion.\n
- Ingestion points: Product descriptions, URLs, and local product image paths provided by the user, as well as metadata from brand-profile.json (File: SKILL.md).\n
- Boundary markers: Absent. The prompt construction templates directly interpolate product descriptions and brand keywords into final prompts without delimiters or instructions to ignore embedded commands (File: SKILL.md).\n
- Capability inventory: The skill has the capability to execute subprocess commands via generate_image.py (File: SKILL.md).\n
- Sanitization: Absent. There is no evidence of input validation, escaping, or sanitization of external content before it is processed in prompt templates.
Audit Metadata