canghe-comic
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill performs deep analysis of user-supplied source material to generate narratives and prompts, which serves as a surface for indirect prompt injection.
  * Ingestion points: source content is read from user-provided files or input to create analysis.md.
  * Boundary markers: no specific delimiters are used in the prompt templates to separate user data from analysis instructions.
  * Capability inventory: the skill includes file system write operations and command execution via npx.
  * Sanitization: no explicit validation or instruction-ignoring mechanisms are applied to the input content.
- [COMMAND_EXECUTION]: The workflow relies on executing local scripts and system utilities to perform its tasks.
  * Evidence: the scripts/merge-to-pdf.ts script is executed to compile the final comic.
  * Evidence: the skill calls a sibling tool (canghe-image-gen) using the npx and bun runtimes as part of the image generation step.
  * Evidence: the workflow uses shell commands to check for project-level or user-level configuration in hidden directories (e.g., .canghe-skills).
- [EXTERNAL_DOWNLOADS]: The skill references external libraries that are typically resolved and downloaded during the build or execution phase.
  * Evidence: the merge-to-pdf.ts script imports the pdf-lib package, which may be fetched at runtime if it is not locally cached.
Audit Metadata