gemini-imagegen
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted text prompts to drive image generation and editing across several scripts (e.g., generate_image.py, edit_image.py).
  - Ingestion points: CLI arguments `prompt` and `instruction` entering the agent context.
  - Boundary markers: Absent; user instructions are interpolated directly into API contents.
  - Capability inventory: Includes file system writes (image.save) and network requests to Gemini API.
  - Sanitization: User input is not validated, filtered, or escaped before being sent to the model.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded secrets were found; the skill correctly retrieves the `GEMINI_API_KEY` from the environment. No access to sensitive local files was detected.
- [External Downloads] (SAFE): Dependencies `google-genai` and `Pillow` are standard and sourced from trusted organizations.
Audit Metadata