Skills
skills/crossoverjie/skills/cover-generator/Gen Agent Trust Hub

cover-generator

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes an external Python script to handle image uploads when the --upload flag is used.
  • Evidence: In cover_generator.py, the upload_image function uses subprocess.run([sys.executable, uploader_path, image_path]) to execute a script located at ../image-uploader/image_uploader.py.
  • Context: This is a standard mechanism for inter-skill communication. The use of a list for command arguments (rather than a shell string) prevents command injection vulnerabilities.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it processes user-supplied text for image generation.
  • Ingestion points: The title and subtitle arguments are accepted as input in cover_generator.py and rendered into the output image.
  • Boundary markers: No specific delimiters are used for the text inputs as they are rendered as pixels rather than interpreted as instructions.
  • Capability inventory: The script can write files to the local disk via image.save() and execute a sibling Python script via subprocess.run().
  • Sanitization: Input is handled by the argparse library and passed to the Pillow (PIL) library for font rendering. No shell interpolation occurs.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 02:19 AM