emoji-sticker-generation
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes examples that interact with the EachLabs API at 'https://sense.eachlabs.run' and references asset storage at 'https://storage.eachlabs.ai'. These are official vendor domains associated with the skill author.
- [DATA_EXFILTRATION]: API requests demonstrate the use of the 'EACHLABS_API_KEY' environment variable for authentication. User-provided prompts and image URLs are sent to the EachLabs infrastructure for generation, which is the core intended functionality.
- [PROMPT_INJECTION]: The skill acts as a wrapper for generative AI, ingesting user-supplied text and image links. While this represents a surface for indirect prompt injection, it is inherent to the skill's purpose of image generation.
- Ingestion points: 'message' and 'image_urls' fields in API requests (SKILL.md).
- Boundary markers: Not explicitly defined in documentation examples.
- Capability inventory: Network operations via curl to vendor API endpoints.
- Sanitization: Not specified; processing is handled by the remote AI service.
Audit Metadata