eachlabs-image-edit
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8).
- Ingestion points: The skill accepts untrusted data through 'prompt' and 'image_urls' parameters across all models listed in references/MODELS.md.
- Boundary markers: There are no delimiters or specific instructions to prevent the underlying AI models from obeying instructions embedded in the input text or images.
- Capability inventory: The skill uses curl to perform network requests to api.eachlabs.ai as shown in SKILL.md.
- Sanitization: No input validation, escaping, or content filtering is implemented for the data processed by the models.
- [SAFE]: Network requests are directed to the vendor's own infrastructure at api.eachlabs.ai, representing legitimate service communication for an image editing integration.
Audit Metadata