image-illustration-upload
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill explicitly directs the agent to execute a local script located at /Users/alchain/Documents/写作/tools/upload_image.py using the system shell (python3).
  - Evidence: Multiple instructions under '图床上传流程' (image-hosting upload workflow) and 'Step 3' command the agent to run python3 /Users/alchain/Documents/写作/tools/upload_image.py <图片URL或本地路径> (the placeholder means "image URL or local path").
  - Risk: If an attacker can influence the input to this skill (e.g., via a malicious article), they might attempt shell injection or trick the agent into executing the script with unintended local file paths.
- CREDENTIALS_UNSAFE (MEDIUM): The skill documentation reveals that sensitive credentials (ImgBB API key) are stored in the user's shell configuration file.
  - Evidence: The '技术依赖' (technical dependencies) section states: 'API configuration: ImgBB API key (already configured in ~/.zshrc)' (original: 'API配置: ImgBB API key(已配置在 ~/.zshrc)').
  - Risk: This encourages the agent to interact with or rely on environment variables from sensitive system files like ~/.zshrc, which could lead to accidental exposure of the file's full contents if the agent is asked to debug or read its environment.
- DATA_EXFILTRATION (LOW): The core functionality involves sending data to an external third-party service (ImgBB).
  - Evidence: The skill is designed to take local or remote images and upload them to i.ibb.co.
  - Risk: While this is the stated purpose, the lack of sanitization on the file path input means a malicious prompt could potentially exfiltrate sensitive documents by passing their paths to the upload script instead of image files.
Recommendations
- AI detected serious security threats