midjourney-prompts
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or high-risk command executions were detected. The skill acts as a structured template for prompt generation.
- [DATA_EXFILTRATION]: No network requests (curl, wget, etc.) or access to sensitive file paths (e.g., credentials or SSH keys) are present. It only interacts with local documentation and project components.
- [REMOTE_CODE_EXECUTION]: There is no evidence of external dependency installation, script execution, or dynamic code loading. The workflow is limited to text processing.
- [PROMPT_INJECTION]: The instructions do not contain markers for overriding safety filters, bypassing system constraints, or extracting system prompts.
- [COMMAND_EXECUTION]: No shell commands or subprocess calls are invoked. The skill describes a manual or text-based workflow.
- [DATA_EXPOSURE]: This skill provides a surface for indirect prompt injection as it ingests untrusted data from user-provided page files and components.
- Ingestion points: SKILL.md (Workflow steps 1 and 2) reads local page files, components, and 'docs/styleguide.md'.
- Boundary markers: None specified for separating ingested content from prompt instructions.
- Capability inventory: The skill is limited to reading files and writing markdown output to 'docs/midjourney-prompts/'. It has no execution or network capabilities.
- Sanitization: No sanitization or validation of the ingested content is mentioned.
Audit Metadata