batch-qr-generator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill possesses a vulnerability surface where untrusted data from a CSV file influences filesystem operations without sanitization.
      ◦ Ingestion points: scripts/batch_qr_generator.py reads untrusted data from a user-supplied CSV file via the load_csv method.
      ◦ Boundary markers: No boundary markers or "ignore instructions" warnings are present to handle data from the CSV.
      ◦ Capability inventory: The skill has significant filesystem capabilities, including directory creation (os.makedirs) and file writing (img.save and to_csv) in scripts/batch_qr_generator.py.
      ◦ Sanitization: The script does not sanitize the filename column retrieved from the CSV. Because these unsanitized strings are passed to os.path.join, a CSV containing path traversal sequences (e.g., ../../evil) could cause files to be written outside of the intended output directory.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:58 PM