resonance-studio
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is highly vulnerable to indirect injection as it processes untrusted user instructions to drive high-privilege tool usage.
- Ingestion points: User-provided asset 'briefs' defined in the 'Jobs to Be Done' section of SKILL.md.
- Boundary markers: None; there are no instructions to delimit user input from system instructions or to ignore embedded commands.
- Capability inventory: read_file, write_file, and generate_image tools are active (SKILL.md).
- Sanitization: None; user-supplied project names and subjects are directly recommended for use in constructing file paths and names in the 'Asset Generation Pipeline' (references/asset_generation_pipeline.md).
- Command Execution (MEDIUM): The skill's workflow explicitly utilizes the write_file tool to save generated assets. Without path sanitization or validation, an attacker could attempt to use directory traversal sequences (e.g., '../../') within user-controlled fields like 'Project' to write files to unauthorized directories on the host system.
Recommendations
- AI detected serious security threats
Audit Metadata