genimage
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local script
genimage.pywith arguments provided by the user, such as prompt text and image file paths. - [SAFE]: No malicious patterns, hardcoded secrets, or unauthorized network behaviors were identified. The use of environment variables and structured CLI flags aligns with secure implementation.
- [SAFE]: The skill processes user-supplied text to generate images, which serves as a surface for indirect prompt injection. * Ingestion points: User input in the
--promptargument inSKILL.md. * Boundary markers: None present in the instructions. * Capability inventory: Subprocess call to a Python script for API interaction and file writing. * Sanitization: Not explicitly described in the documentation.
Audit Metadata