image-generation
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs its described function using standard coding practices and communicates with well-known, trusted service endpoints.
- [COMMAND_EXECUTION]: The skill requires the agent to execute a local Python script (/mnt/skills/public/image-generation/scripts/generate.py) using command-line arguments to process prompts and generate images. This is the primary and intended behavior of the skill.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it incorporates user-supplied text directly into image generation prompts without sanitization. However, the potential impact is limited to the visual content of the generated image.
- Ingestion points: User descriptions for subjects, styles, and scenes are used to populate JSON files in the /mnt/user-data/workspace/ directory.
- Boundary markers: The skill does not implement boundary markers or specific instructions to the agent to ignore instructions embedded within the user's image descriptions.
- Capability inventory: The generate.py script has permissions to read prompt and reference files, write image outputs to the filesystem, and perform network requests to the Google Gemini API.
- Sanitization: No sanitization or validation is applied to user-provided text before it is interpolated into the generation parameters.
Audit Metadata