image-crop-rotate
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill instructions direct the agent to execute a shell command
python scripts/crop_and_rotate.py <input_path> <output_path>where the paths are derived from user-uploaded files. This pattern is highly susceptible to command injection if a user uploads a file with a name containing shell metacharacters like semicolons or backticks. - [PROMPT_INJECTION] (HIGH): The skill exhibits a significant indirect injection surface. Evidence: 1. Ingestion points: File paths for images in
/mnt/user-data/uploads/. 2. Boundary markers: Absent; there are no instructions to delimit or escape the paths. 3. Capability inventory: Execution of a Python subprocess via the shell. 4. Sanitization: Absent; the skill does not specify any validation or sanitization of the input file names before execution.
Recommendations
- AI detected serious security threats
Audit Metadata