didit-biometric-age-estimation
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection where malicious instructions could be embedded in the data it processes.
- Ingestion points: The script
scripts/estimate_age.pyingests untrusted data through theimagecommand-line argument, which is used to specify local file paths. - Boundary markers: The skill does not implement boundary markers or instructions to prevent the underlying model from obeying potentially malicious instructions found within the processed image metadata or file names.
- Capability inventory: The skill possesses the capability to read local files using the
openfunction and perform external network operations viarequests.postinscripts/estimate_age.py. - Sanitization: The script lacks input validation or sanitization for the file paths or the binary content of the images before they are transmitted to the remote API.
Audit Metadata