wedding-immortalist

Warn

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute colmap for 3D reconstruction tasks. The script provided in references/gaussian-splatting-pipeline.md (colmap_sfm.sh) uses positional arguments for the workspace and image paths. If these paths are derived from untrusted user input (such as an uploaded folder name) without rigorous sanitization, it could lead to command injection vulnerabilities.
  • [PROMPT_INJECTION]: The skill exhibits surface area for Indirect Prompt Injection (Category 8) due to the processing of untrusted media files from guests.
    • Ingestion points: Photo and video ingestion pipelines defined in SKILL.md and references/gaussian-splatting-pipeline.md, which include guest-uploaded content and EXIF metadata extraction.
    • Boundary markers: There are no boundary markers or instructions to the agent to disregard embedded instructions within filenames or metadata.
    • Capability inventory: The skill possesses Bash, Write, and Edit capabilities, allowing it to execute scripts and generate web files (index.html, theme-config.json).
    • Sanitization: The provided logic does not demonstrate sanitization of filenames or EXIF metadata (e.g., DateTimeOriginal, GPSInfo) before they are used in path construction or rendered into output deliverables.
  • [EXTERNAL_DOWNLOADS]: The skill's documentation and reference files list several Python and Node.js dependencies required for computer vision and 3D rendering. These packages are treated as trusted but are not pinned to specific versions or verified for integrity within the skill's own logic.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 5, 2026, 02:12 PM