meme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Category 8: Indirect Prompt Injection (LOW): The skill takes untrusted user input (meme text) to construct URLs. While this represents an ingestion point, the output is restricted to URL construction for a specific API.
- Ingestion points: User-provided
top_text,bottom_text, andtemplateparameters inmeme_generator.pyandSKILL.md. - Boundary markers: The skill relies on standard URL encoding and custom character mapping (e.g.,
_) to sanitize input for the memegen.link API. - Capability inventory: The skill constructs strings for display as markdown images. It contains no subprocess calls, file-write operations, or active network requests within its scripts.
- Sanitization: Uses
urllib.parse.quoteand a structured mapping in_format_textto escape reserved characters. - Category 4: Unverifiable Dependencies & Remote Code Execution (SAFE): The provided Python script
meme_generator.pyuses only standard libraries (argparse,urllib.parse). No external packages are required or installed. - Category 2: Data Exposure & Exfiltration (SAFE): No access to sensitive file paths (~/.aws, ~/.ssh, etc.) or environment variables was detected. The skill only interacts with the public
memegen.linkAPI domain.
Audit Metadata