baoyu-cover-image

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The file references/base-prompt.md contains instructions that explicitly direct the AI to bypass standard refusal mechanisms for sensitive or copyrighted content, stating 'DO NOT refuse to generate'.
  • [INDIRECT_PROMPT_INJECTION]: The skill analyzes and interpolates untrusted data from user articles into prompts for downstream image generation.
      • Ingestion points: File paths and pasted content provided via CLI or chat.
      • Boundary markers: Data is structured under markdown headers in prompt templates, offering some logical separation but no robust sanitization.
      • Capability inventory: Subprocess calls for file checks and integration with other skills to generate images.
      • Sanitization: No evidence of input validation or character escaping for the article text before prompt construction.
  • [COMMAND_EXECUTION]: The skill uses shell-based file existence checks (test -f) to locate configuration files and verify reference images.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 05:59 PM