album-art-director
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions to ignore safety guardrails, bypass content filters, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or sensitive file paths were detected. Network access is not requested, and filesystem tools are focused on project-specific album paths.
- [Obfuscation] (SAFE): No use of Base64, zero-width characters, or homoglyphs to hide malicious intent.
- [External Downloads & RCE] (SAFE): The skill does not download external packages or execute remote scripts.
- [Indirect Prompt Injection] (SAFE): While the skill ingests external album concepts and preference files, it lacks high-risk capabilities (like arbitrary command execution or network exfiltration) that would facilitate a successful indirect injection attack.
Audit Metadata