baoyu-article-illustrator
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface where malicious content in an article could manipulate image generation.
  - Ingestion points: Untrusted article content is ingested in Step 2 (Analyze Content) as either file paths or pasted text.
  - Boundary markers: Prompt templates in 'references/prompt-construction.md' lack explicit delimiters or markers to separate user-provided data from instruction logic.
  - Capability inventory: The skill writes prompt and outline files to the local file system and invokes an external image generation skill.
  - Sanitization: No sanitization or filtering of article content is performed before it is interpolated into generation prompts.
- [COMMAND_EXECUTION]: The skill executes shell commands such as 'test -f' and 'Test-Path' to locate configuration files (EXTEND.md) during the setup phase.
Audit Metadata