Skills
skills/eachlabs/skills/eachlabs-image-generation/Snyk

eachlabs-image-generation

Warn

Audited by Snyk on Apr 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill's model parameter reference (references/MODELS.md) clearly allows user-supplied public image URLs and image_prompt_urls/image_reference_url (e.g., "image_url", "image_prompt_urls", "image_reference_url") which the EachLabs Predictions API will ingest and use to influence generation, so it consumes untrusted third‑party content that can materially affect outputs.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 23, 2026, 02:04 AM
Issues
1