team-group-photo
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local TypeScript scripts using the bun runtime for various stages of the workflow, including style picking (preview_server.ts), image generation (generate.ts), and image optimization (optimize-images.ts). These scripts are referenced via the ${CLAUDE_PLUGIN_ROOT} environment variable.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it interpolates untrusted user inputs (names and background preferences) directly into the prompts sent to the image generation script.
- Ingestion points: User-provided 'Team member names' and 'Background preference' collected during Step 1.
- Boundary markers: Absent; user inputs are directly concatenated into the prompt strings in Steps 3 and 5.
- Capability inventory: The skill possesses the capability to execute the generate.ts script with dynamically constructed prompts.
- Sanitization: No sanitization, escaping, or validation of user-provided strings is performed before interpolation into the final prompt command.
Audit Metadata