image-gen
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION, NO_CODE)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The command in SKILL.md interpolates the <prompt> variable into a shell string inside double quotes. In shells like Bash, this allows command substitution (e.g., $(command)), which can be exploited to run unauthorized code.
- [PROMPT_INJECTION] (HIGH): This skill handles untrusted user input (the prompt) and uses it to perform high-privilege operations (executing a shell script) without any sanitization or boundary markers to prevent the input from escaping its intended context (Category 8 High-Tier risk).
- [NO_CODE] (LOW): The file scripts/image-gen/generate.mjs, which contains the actual logic for image generation, is missing from the provided source. This prevents a thorough security review of how the API is accessed and how user data is processed.
Recommendations
- AI detected serious security threats
Audit Metadata