image-generation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the execution of TypeScript scripts (
generate_poster.ts,generate_video.ts) using thenpx tsxcommand. - [EXTERNAL_DOWNLOADS]: The scripts download generated media content from well-known AI service providers including Google Gemini, fal.ai, and xAI. These operations are essential to the skill's primary function.
- [DATA_EXFILTRATION]: The skill reads local files specified via the
--assetsor--imageflags and uploads their contents to external APIs (Google, fal.ai, xAI). While this is the intended use case for image-to-image or image-to-video generation, it involves transmitting local data to remote servers. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it interpolates user-provided text into instructions sent to external AI models without sanitization.
- Ingestion points: User-provided prompts and file paths via command-line arguments in
generate_poster.tsandgenerate_video.ts. - Boundary markers: None present. Prompt additions like the Hebrew RTL instruction or 'WOW mode' are simply concatenated with user input.
- Capability inventory: Includes file system read/write (
readFileSync,writeFile,copyFileSync) and network operations (fetch, fal.ai/Google SDKs). - Sanitization: No evidence of input validation or prompt sanitization.
Audit Metadata