Skills
skills/benzema216/dreamina-claude-skills/dreamina-super-resolution/Gen Agent Trust Hub

dreamina-super-resolution

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [Data Exposure & Exfiltration] (MEDIUM): The skill takes a sessionid parameter and transmits it in the Cookie header to https://jimeng.jianying.com. This represents a handling and transfer of sensitive user authentication tokens to a third-party service.\n- [Indirect Prompt Injection] (LOW): The skill processes untrusted image_uri data and returns JSON results from an external API, which the agent likely reads to continue its task. This creates a potential surface for indirect prompt injection.\n
  • Ingestion points: image_uri parameter in super_resolution function in SKILL.md.\n
  • Boundary markers: Absent.\n
  • Capability inventory: Outbound network requests via requests.post.\n
  • Sanitization: None detected for the input URI or the API response fields.\n- [External Network Access] (LOW): The skill communicates with an external, non-whitelisted domain (jimeng.jianying.com) and uses a custom MD5-based signing algorithm (generate_sign) to interact with an unofficial or private API.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 07:29 AM