Skills
skills/b-open-io/gemskills/generate-icon/Gen Agent Trust Hub

generate-icon

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses Bun.spawnSync to call system binaries like convert (ImageMagick) and iconutil (macOS) for bundling icons into multi-resolution formats (.ico, .icns). This is a standard requirement for the skill's functionality.
  • [EXTERNAL_DOWNLOADS]: Interacts with the Replicate API (api.replicate.com) to perform background removal on generated icons and downloads the resulting images. Replicate is a well-known AI service.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface. (1) Ingestion point: prompt argument in scripts/generate.ts. (2) Boundary markers: Present; the user prompt is wrapped in ICON_PROMPT_TEMPLATE. (3) Capability inventory: Bun.spawnSync for image tools, file writes to --output, and network access to Replicate/Gemini APIs. (4) Sanitization: Absent. The risk is limited to the visual content of the generated icon.
  • [DATA_EXFILTRATION]: Transmits image data to the Replicate API for processing. This is a primary function of the skill and is documented for the user.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 12:36 AM