baoyu-infographic

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to perform local environment checks using shell and PowerShell commands to detect configuration files. Evidence: Step 1.1 in SKILL.md uses `test -f` and `Test-Path` to check for EXTEND.md in the project directory and the user's home directory.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted user content and incorporates it into a prompt for an external image generation tool. Ingestion points: source content provided as a file path or pasted text (SKILL.md, Step 1.2). Boundary markers: the skill uses the {{CONTENT}} placeholder in references/base-prompt.md to delineate user data from the instruction template. Capability inventory: the skill generates a prompt and triggers an external image generation skill in Step 6. Sanitization: although the skill mandates stripping credentials and secrets, it has no sanitization or escaping step that would stop adversarial instructions embedded in the user data from influencing the final prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 01:26 PM