art-style

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM. Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • CREDENTIALS_UNSAFE (MEDIUM): The script tools/run-generate.sh utilizes the --env-file=../.env flag when calling tsx. This method for loading environment variables is risky as it can expose sensitive API keys or system secrets to the execution context of the agent.
  • COMMAND_EXECUTION (MEDIUM): The script tools/run-generate.sh traverses five levels up the directory tree (../../../../..) to locate a server directory. This behavior breaks the expected encapsulation of an agent skill and allows the skill to interact with the broader host file system.
  • PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it incorporates external data from /storage/hooks/ into its workflow without sanitization.
      • Ingestion points: Data is read from /storage/hooks/{brand}-{date}.md.
      • Boundary markers: No delimiters or instructions are provided to the agent to treat this file content as untrusted data.
      • Capability inventory: The skill executes shell scripts and writes output to the file system.
      • Sanitization: There is no evidence of validation or filtering for the content retrieved from the hook files.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:10 PM