isometric-asset-sheets

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill uses untrusted user input for asset names and descriptions which then influence file system operations and configuration updates.
      1. Ingestion points: [ASSET TYPE], [ASSET], and [CATEGORY DESCRIPTIONS] in SKILL.md.
      2. Boundary markers: Absent.
      3. Capability inventory: GenerateImage tool, file writing to /public/assets/, and modification of renderConfig.ts.
      4. Sanitization: No sanitization is described for user-provided strings.
  • Command Execution (MEDIUM): The skill instructs the agent to save files and update renderConfig.ts based on the generation process. This provides a vector for path traversal or configuration poisoning if the filenames and metadata derived from user input are not validated.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:50 PM