Skills
skills/interstellar-code/claud-skills/image-fetcher/Gen Agent Trust Hub

image-fetcher

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill acts as an ingestion point for untrusted data from the internet, creating a vulnerability surface where a malicious image source or URL list could influence the agent.
  • Ingestion points: fetch_image.py (via url argument) and fetch_images_batch.py (via input_file).
  • Boundary markers: None. The content is treated as raw binary or a list of URLs.
  • Capability inventory: Performs network requests (requests.get), creates directories (mkdir), and writes files to disk (open with 'wb').
  • Sanitization: Limited. While Path.name is used for filenames derived from URLs, the filename and output_directory arguments passed to the script are not validated. This allows for potential path traversal (e.g., ../../etc/) if an agent is tricked into using a malicious path.
  • Data Exposure & Exfiltration (LOW): The script makes network requests to arbitrary domains. This presents a Server-Side Request Forgery (SSRF) risk if used in environments where internal metadata services or local network resources are accessible.
  • External Downloads (SAFE): The skill depends on the requests library, which is a standard and well-vetted Python package for HTTP operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:29 PM