hand-drawn-infographic-creator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it is designed to ingest untrusted data from the web to influence its output.
- Ingestion points: The skill instructions in SKILL.md direct the agent to use the mcp__firecrawl__* tool to search for and read content from external websites to gather 'compositional inspiration'.
- Boundary markers: The prompt construction logic lacks clear delimiters or instructions to treat external web content as untrusted data, increasing the risk that instructions embedded in a poisoned webpage could be executed by the agent.
- Capability inventory: The agent has access to powerful tools, including file system access (Read, Write, Edit) and specialized AI image generation tools (mcp__stability-ai__*, mcp__ideogram__*).
- Sanitization: The skill does not implement sanitization or validation of the data retrieved from the web before using it to build prompts for the image generation tools.
Audit Metadata