sc-gemini-imagegen
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious code or patterns were detected in the skill's scripts or documentation. The tool correctly handles API keys via the environment and uses established libraries (google-genai and Pillow) from trusted sources.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it processes unvalidated text input through an LLM. This risk is inherent to the skill's primary function of translating text instructions into images.
  - Ingestion points: Text prompts and edit instructions ingested through scripts/generate_image.py, scripts/edit_image.py, scripts/compose_images.py, and interactive input in scripts/multi_turn_chat.py.
  - Boundary markers: Absent; user input is interpolated directly into the model's content request without delimiters or 'ignore' instructions.
  - Capability inventory: The skill is capable of writing files to the local filesystem via the PIL.Image.save method and performing network requests to the Google Gemini API.
  - Sanitization: No sanitization, filtering, or validation of user-provided strings is performed prior to processing.
Audit Metadata