Skills
skills/majesticlabs-dev/majestic-marketplace/gemini-image-coder/Gen Agent Trust Hub

gemini-image-coder

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted user data.
  • Ingestion points: The skill accepts user-provided text through the prompt argument in scripts/generate_image.py and the instruction argument in scripts/edit_image.py.
  • Boundary markers: No delimiters or protective instructions are used to wrap user input before it is passed to the API call in client.models.generate_content.
  • Capability inventory: The scripts have the ability to read and write files (images) and initiate network requests to Google API endpoints.
  • Sanitization: The skill does not validate or sanitize the text prompts provided by the user.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 09:57 PM