fal-text-to-image
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Python scripts (fal-text-to-image, fal-image-remix, fal-image-edit) intended for execution by the agent to interface with image generation models.
- [EXTERNAL_DOWNLOADS]: Downloads generated image assets from fal.ai's official domains to the local outputs directory.
- [DATA_EXFILTRATION]: Transfers user-selected local images to the fal.ai processing service. This network operation is restricted to the intended purpose of image transformation and editing.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where external data (user prompts) is interpolated into API requests without sanitization or boundary markers.
  - Ingestion points: Prompt arguments in fal-text-to-image, fal-image-remix, and fal-image-edit.
  - Boundary markers: Absent; user input is passed as a raw string to the external model.
  - Capability inventory: Network communication via fal-client and requests; local file system writes via PIL.
  - Sanitization: No validation, escaping, or filtering of the input prompt is performed.
Audit Metadata