creative-illustration
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill documentation references a Python script for image generation, but no executable code is included in the package. The package.json specifically limits the included files to SKILL.md.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted user input for image generation. 1. Ingestion points: --subject and --prompt parameters in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Implicit network access to OpenAI and file system writes to an output directory. 4. Sanitization: Not verifiable as the source code for illustrate.py is missing.
Audit Metadata