image-batch
Warn
Audited by Gen Agent Trust Hub on Feb 13, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The dependency
rembgdownloads pre-trained AI models from external repositories at runtime. These downloads are not pinned to specific hashes and occur outside the package manager's control. - [COMMAND_EXECUTION] (MEDIUM): The skill instructions direct the agent to execute
scripts/main.py. This script is missing from the provided file set, preventing a safety audit of how it handles shell arguments or file system operations. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted image files from the local filesystem. Ingestion points: Image files in directories like
./images/or individual files likephoto.jpg. Boundary markers: None. There are no instructions to ignore potential malicious content in image metadata. Capability inventory: Execution of local Python scripts and file write operations (--output). Sanitization: Unverifiable as the logic inscripts/main.pyis unavailable. - [METADATA_POISONING] (LOW): The documentation in
SKILL.mdcontains significant inconsistencies, referencing video production workflows and storyboarding in the 'Skill Boundaries' and 'What Claude Does' sections, which are unrelated to the image batch processing functionality.
Audit Metadata