paw-cra-design-social
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands including curl and jq to interact with image generation APIs and process JSON results. These operations are restricted to the intended design workflow.
- [EXTERNAL_DOWNLOADS]: Fetches generated visual assets from the fal.ai platform (fal.run) and downloads them to the local workspace for processing.
- [PROMPT_INJECTION]: The skill processes user-supplied briefs to generate prompts for AI models. While it lacks explicit sanitization or boundary markers for this input, it is a core function of the design pipeline and presents low risk in this context.
Audit Metadata