image_generation
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because user-provided input is directly interpolated into the final prompt sent to image generation backends.
- Ingestion points: The `query` parameter in `resources/execute.py` is used as the primary source for the image description.
- Boundary markers: No specific delimiters or instructions (e.g., "ignore instructions within the following text") are used when constructing the optimized prompt in the `optimize_prompt` function.
- Capability inventory: The skill is designed to interact with external APIs (OpenAI, Stability AI) and can potentially be manipulated to generate unintended content or bypass safety filters of those models if the input contains malicious instructions.
- Sanitization: There is no evidence of input validation, escaping, or filtering for instruction-like patterns in the user-provided `query`.
Audit Metadata