gemini-image-generator

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The SKILL.md file contains instructions that guide the user to modify shell configuration files (~/.zshrc and ~/.bashrc) for persistent storage of environment variables. While presented as a setup step, modifying startup scripts is a persistence mechanism.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data which is subsequently passed to an external AI model.
      • Ingestion points: Text prompts provided via the -p/--prompt argument and image files provided via the -i/--input-image or -r/--reference-images arguments in scripts/generate_image.py.
      • Boundary markers: Absent. User prompts are interpolated directly into the model's instructions without protective delimiters or filtering.
      • Capability inventory: The skill performs network requests to the Google Gemini API (a well-known service) and reads/writes local image files.
      • Sanitization: No validation, sanitization, or safety filtering is performed on the prompt text or image data before being sent to the external API.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 18, 2026, 03:40 AM