generate-image

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/generate.ts script and SKILL.md instructions leverage bun run to execute internal sub-scripts for style selection and the sips utility for local image processing (cropping, resizing, and format conversion). These actions are appropriate for the skill's stated purpose of image generation and management.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes and rewrites user-supplied text. Evidence chain: (1) Ingestion points: User-provided prompts and reference images via --input in scripts/generate.ts; (2) Boundary markers: Absent during the interpolation of prompts for the model; (3) Capability inventory: File system read/write (loadImage, saveImage) and network access (callGeminiImage, callReplicateImage); (4) Sanitization: Relies on the agent's prompt-rewriting logic without dedicated input sanitization.
  • [SAFE]: The skill uses established SDKs and standard system tools for its operations. There is no evidence of hardcoded credentials, obfuscation, data exfiltration, or unauthorized persistence mechanisms.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 08:23 PM