baoyu-cover-image
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user-provided article content to generate prompts for an image generation backend.
- Ingestion points: Article content provided via file path or direct paste.
- Boundary markers: Employs markdown headers (e.g., '# Content Context') to delimit user content within the generated prompt.
- Capability: The skill can write files to the local filesystem and invoke other agent skills for image generation.
- Sanitization: No explicit sanitization or escaping of user content is performed before it is interpolated into the final prompt.
- [COMMAND_EXECUTION]: The skill uses local shell commands (
test -f) to detect the presence of configuration files (EXTEND.md) in both project-local and user-home directories. This is used for managing user preferences and is limited to operational directories.
Audit Metadata