image-generation
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill processes untrusted article content to determine image themes and keywords (SKILL.md, Step 1). There are no specified boundary markers or sanitization requirements to prevent embedded instructions from overriding the agent's behavior.
- Data Exfiltration (MEDIUM): The skill authorizes the agent to upload content to an external service, ImgBB (SKILL.md, Step 4). This capability, combined with the ingestion of untrusted data, could be used by an attacker to leak information. Evidence Chain: 1. Ingestion: Article content/user prompts. 2. Boundaries: Absent. 3. Capabilities: Network upload (ImgBB), Web search. 4. Sanitization: Absent.
- External Network Operations (LOW): The skill interacts with external domains including imgbb.com, unsplash.com, pexels.com, and pixabay.com. While these are necessary for the skill's stated purpose, they represent external dependencies.
Audit Metadata