generate-image
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local Python script at '~/.agents/tools/generate-image.py'.
- [CREDENTIALS_UNSAFE]: The documentation explicitly identifies the file path '~/.agents/tools/.env' as the storage location for sensitive 'OPENAI_API_KEY' and 'STABILITY_API_KEY' tokens.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection and command injection because it interpolates untrusted user input directly into a shell command template.
  * Ingestion points: User-supplied text provided in the 'prompt' argument (SKILL.md).
  * Boundary markers: Absent; user input is wrapped in shell double quotes which can be escaped using metacharacters like backticks or semicolons.
  * Capability inventory: The 'Bash(*)' tool allows for arbitrary command execution on the host system (SKILL.md).
  * Sanitization: Absent; no escaping or validation of the prompt string is performed before it is passed to the shell for execution.
Audit Metadata