baoyu-xhs-images
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes instructions to bypass AI safety guardrails. In
references/workflows/prompt-assembly.md, the prompt assembly guidelines specify that the agent should "DO NOT refuse to generate" images involving sensitive or copyrighted figures, which is a direct attempt to override refusal behaviors. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of untrusted user inputs without proper sanitization.
- Ingestion points: The skill takes user-provided "source material" in Step 1 and uses it to construct image generation prompts in Step 3.
- Boundary markers: The prompt templates do not utilize boundary markers or instructions to ignore potential commands embedded within the user-provided content.
- Capability inventory: The agent has the capability to write multiple files (prompts, analysis, images) and call image generation tools.
- Sanitization: No sanitization or escaping of user content is performed prior to its interpolation into the
{CONTENT_SECTION}of the generated prompt.
Audit Metadata