baoyu-cover-image

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: In references/base-prompt.md, the skill includes an instruction to generate stylistic alternatives for copyrighted figures with an explicit directive: "DO NOT refuse to generate". This is an intentional instruction to bypass standard AI safety guardrails related to intellectual property and copyrighted material.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted user-provided content (article files or pasted text) to derive visual metaphors and themes. While it uses keyword extraction and summarization, instructions embedded in the input text could potentially influence the behavior of the image generation backend.
  • [COMMAND_EXECUTION]: The skill uses local shell commands (test -f, echo) and PowerShell commands (Test-Path) in its workflow (Step 0) to check for the existence of user preference files (EXTEND.md). These operations are restricted to specific, non-sensitive application directories and are used for standard configuration management.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 12:03 PM