single-panel-comic
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill documentation includes a bash command that extracts the
GEMINI_API_KEYfrom a local.envfile usinggrep. This demonstrates a pattern for programmatically accessing sensitive credentials from the host filesystem.\n- [COMMAND_EXECUTION]: The workflow relies on the execution of shell commands for directory navigation and launching a Python subprocess from a local hidden path (.claude/skills/).\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by interpolating untrusted user-provided scene descriptions and captions directly into a shell command for image generation without sanitization or delimiters.\n- [DATA_EXFILTRATION]: Absolute system paths (e.g.,/Users/charliedeist/Desktop/) are disclosed in the documentation, revealing the user's directory structure and system username to the agent context.
Audit Metadata