image-generation-mcp
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by design, as it constructs prompts from user-provided data without sanitization.
- Ingestion points: Fields like Subject, Style, and Brand Colors in SKILL.md step 2.
- Boundary markers: None; there are no delimiters or instructions provided to the agent to treat user input as untrusted.
- Capability inventory: Accesses files (Read, Write) and uses MCP tools (ask-gemini, brainstorm).
- Sanitization: No validation or escaping of user input is specified.
- [COMMAND_EXECUTION]: The instructions require the use of CLI tools for environment setup and image generation.
- Evidence: Execution of `claude mcp list` and `ask-gemini`.
- Context: These commands are essential for the skill's purpose and involve tools associated with a trusted vendor (google-gemini).
Audit Metadata