Skills
skills/horace4444/extend-my-claude-code/watermark-removal/Gen Agent Trust Hub

watermark-removal

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • Dynamic Execution (MEDIUM): The script scripts/batch-process.py uses the importlib library to dynamically load and execute the module remove-watermark.py from a path computed at runtime.
  • Evidence: Lines 19-25 in scripts/batch-process.py show the use of importlib.util.spec_from_file_location and spec.loader.exec_module with a path derived from file.
  • Impact: This pattern allows the execution of arbitrary Python code contained in the target file, posing a risk if the file contents are untrusted or can be modified.
  • Indirect Prompt Injection (LOW): The skill processes untrusted image files from user-specified directories.
  • Ingestion points: input_dir via pathlib.Path.glob in scripts/batch-process.py.
  • Boundary markers: None present; image data is processed directly.
  • Capability inventory: File system read/write and image manipulation via the Pillow library.
  • Sanitization: No validation of the image content is performed before processing.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:26 PM