canvas-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): An indirect prompt injection surface exists where untrusted data is processed into AI model prompts. * Ingestion points: WeChat article content is passed via command-line arguments to
scripts/generate_cover.py. * Boundary markers: No delimiters or safety instructions are used to wrap the untrusted input. * Capability inventory: The skill can generate images and write files to the system via Vertex AI and Pillow. * Sanitization: The input is joined and stripped but not validated or filtered for malicious instructions.
Audit Metadata