image-generator
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes the Bash tool to execute local commands and perform a build step (go build), which is appropriate for its primary purpose as a CLI utility.
- [CREDENTIALS_UNSAFE] (SAFE): The documentation instructs the user to set an environment variable (FAL_KEY) rather than hardcoding a secret, following security best practices.
- [PROMPT_INJECTION] (LOW): The skill accepts arbitrary user input for scene and character descriptions (e.g., sw-image scene) which are likely interpolated into prompts for the external model. This is a standard surface for indirect prompt injection.
  1. Ingestion points: Command line arguments for character, npc, scene, monster, item, location, and custom commands.
  2. Boundary markers: Absent.
  3. Capability inventory: Execution of a local binary that performs network requests to fal.ai.
  4. Sanitization: Not mentioned in the skill documentation.