image-gen
Fail
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE]: The file scripts/config.json contains a hardcoded API secret (ms-e6148603-7898-41aa-9509-f183687d9a18). Hardcoding access tokens in configuration files is a high-severity security risk as it exposes the author's or user's account to potential misuse.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of untrusted user input.
  - Ingestion points: User-provided descriptions enter the system via the --prompt argument in scripts/generate.py.
  - Boundary markers: None; the agent is instructed to interpolate user input directly into the command-line arguments without using delimiters or safety instructions to ignore embedded commands.
  - Capability inventory: scripts/generate.py can perform network requests to the ModelScope API and save files to the local disk.
  - Sanitization: No validation or sanitization is performed on the user prompt before it is sent to the ModelScope inference service.
- [EXTERNAL_DOWNLOADS]: The skill downloads generated image content from the ModelScope inference service (api-inference.modelscope.cn). This is an expected behavior for an image generation tool and targets a well-known AI platform.
Recommendations
- AI detected serious security threats
Audit Metadata