Skills
skills/jasoft/missing_exif/fill-missing-exif/Gen Agent Trust Hub

fill-missing-exif

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill executes the exiftool binary using subprocess.run with a list of arguments, which is a secure practice that prevents shell injection. The skill relies on the presence of exiftool on the host system as a prerequisite.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface (Category 8).
  • Ingestion points: The skill reads untrusted data from the filesystem, specifically file paths in discover_stage.py and EXIF/XMP/QuickTime metadata tags via exiftool in filter_stage.py.
  • Boundary markers: Absent. The agent interface defined in agents/openai.yaml does not implement boundary markers or instructions to ignore embedded content in tool outputs.
  • Capability inventory: The skill possesses the capability to execute external processes via subprocess.run in shell.py and perform file system write operations (backups and metadata updates) in write_stage.py.
  • Sanitization: Absent. The script prints file names and metadata results directly to the standard output, which is then processed by the AI agent without any escaping or sanitization of potential malicious instructions embedded in metadata fields.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 20, 2026, 03:51 PM