app-icon-generator
Fail
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to perform filesystem operations and execute image manipulation utilities like 'convert' and 'sharp'.
- [COMMAND_EXECUTION]: The instructions include the use of 'sudo apt-get install' to install system dependencies, which constitutes privilege escalation.
- [EXTERNAL_DOWNLOADS]: Recommends the installation of external software from well-known sources, including ImageMagick and the 'sharp-cli' Node.js package.
- [PROMPT_INJECTION]: The skill searches for local files based on patterns like 'icon.png', which is an ingestion point for untrusted data that could lead to indirect prompt injection.
- Ingestion points: Searching for source images in the local directory (find . -name 'icon.png').
- Boundary markers: None provided to distinguish between instruction and data.
- Capability inventory: Shell command execution, file system read/write, and image processing tools.
- Sanitization: No sanitization or validation of the filenames retrieved from the filesystem is performed before processing.
Recommendations
- AI detected serious security threats
Audit Metadata