document-illustrator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION DATA_EXFILTRATION
Full Analysis
- [Indirect Prompt Injection] (LOW): The script `scripts/generate_single_image.py` interpolates user-provided text directly into a prompt for the Gemini API.
  - Ingestion points: CLI arguments `content` and `title` in `scripts/generate_single_image.py`.
  - Boundary markers: Absent. The script uses simple text headers which do not prevent subversion.
  - Capability inventory: Uses the `google-genai` library to communicate with an external API and writes image files to the local disk.
  - Sanitization: None. Input is used exactly as provided.
- [Data Exfiltration] (LOW): The `--style-file` argument in `scripts/generate_single_image.py` allows reading local files and sending their content to an external service. If an attacker influences the path provided to this argument, sensitive local data could be exfiltrated to the API.
- [Data Exfiltration] (SAFE): The script writes output to a user-defined path via the `--output` argument. While it can overwrite files, this is considered intended behavior for a generation tool.
Audit Metadata