image-model-evaluation
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
Tags: DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The skill performs network requests to an unverified third-party domain (https://api.xbyjs.top). While this is required for the stated functionality, communication with non-whitelisted domains increases the risk of data exposure if sensitive content is included in evaluation prompts.
- [Indirect Prompt Injection] (MEDIUM): The skill ingests untrusted data from external AI model responses and interpolates it into a local HTML report (index.html).
  - Ingestion points: API responses from api.xbyjs.top and fal.ai containing generated text and image URLs.
  - Boundary markers: Absent. The skill uses basic regex to extract content but does not define clear security boundaries for external data.
  - Capability inventory: File-write access to generate HTML, JSON, and summary reports in the evaluation_output/ directory.
  - Sanitization: Absent. The skill lacks evidence of HTML escaping or output sanitization. Malicious model outputs (e.g., if a model is compromised or tricked via the prompt) could inject malicious scripts or phishing content into the generated report, which is then viewed by the user in a browser context.
- [Unverifiable Dependencies] (LOW): The skill references the requests Python library in its documentation for HTTP communication. While a standard package, its use with unverified external endpoints requires user trust in the third-party API provider.