meme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- DATA_EXFILTRATION (LOW): The skill transmits user-provided meme text to the external API at api.memegen.link. While this is the intended functionality, it constitutes a data flow to an external domain that is not included in the trusted whitelist. No access to sensitive local files (e.g., credentials) was detected.
- EXTERNAL_DOWNLOADS (LOW): The skill generates URLs that point to images on the api.memegen.link domain. These images are displayed in the chat interface. While the service is well-known for meme generation, it remains an untrusted external source.
- PROMPT_INJECTION (LOW): The skill creates a surface for indirect prompt injection by processing arbitrary user-provided text for meme generation. Ingestion points: the `top_text` and `bottom_text` parameters used in the URL construction in `scripts/meme_generator.py`. Boundary markers: Absent; there are no delimiters or instructions to the agent to ignore embedded commands. Capability inventory: The skill's capabilities are limited to constructing and returning markdown image links and URLs. Sanitization: The script uses `urllib.parse.quote` to ensure URL safety and prevent breakage, but it does not perform semantic validation or sanitization of the text to prevent instruction injection.
Audit Metadata