baoyu-comic
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local shell commands including 'bun', 'sips', and 'pngquant' to perform technical processing tasks such as image compression and merging individual comic pages into a final PDF document. These operations are focused on the skill's output directory and use standard system tools.
- [INDIRECT_PROMPT_INJECTION]: The skill's primary function involves analyzing and transforming user-supplied text into comic scripts. This ingestion of external data creates a surface for indirect prompt injection. However, the risk is mitigated by the skill's use of highly structured analysis frameworks and specific output templates that guide the agent's behavior toward its intended goal.
- [EXTERNAL_DOWNLOADS]: The skill may use 'npx' to run 'bun' if it is not already installed on the system. This utilizes the official NPM registry, which is a well-known and trusted service for development tools.
Audit Metadata