gh-agent-images-upload
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE COMMAND_EXECUTION DATA_EXFILTRATION
Full Analysis
- Data Exposure & Exfiltration (LOW): The skill is designed to upload files to an external domain (gh-images.example.com) which is not on the trusted whitelist. While intended for its primary purpose, this involves external data transmission. Evidence: instructions for the agent-images upload command targeting an external API origin.
- Indirect Prompt Injection (LOW): The skill involves interpolating user-provided or external data, specifically file paths and alt text, into shell commands. This creates an ingestion point for potentially malicious strings that could lead to command injection if not properly handled by the agent.
  1. Ingestion points: path-to-image and alt text arguments in SKILL.md.
  2. Boundary markers: None defined.
  3. Capability inventory: Execution of local CLI commands.
  4. Sanitization: No sanitization or escaping instructions are present in the skill documentation.
Audit Metadata