evaluate-diagram
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a restricted Bash environment to execute the 'paperbanana' CLI tool. To protect against exploitation, it enforces strict input sanitization that rejects shell metacharacters (such as ; | & $) and directory traversal sequences (../).
- [PROMPT_INJECTION]: The skill ingests user-specified images and context files, which serves as a potential vector for indirect prompt injection. Maliciously crafted content within these external files could attempt to influence the model's evaluation logic, though the skill's constraints limit the scope of such an attack.
- [SAFE]: The skill follows least-privilege principles by explicitly forbidding access to sensitive system directories (like /etc/) and personal configuration files (like ~/.ssh or .env), and it does not allow for external network requests or package installations.
Audit Metadata