image-studio
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with the vendor's hosted proxy at
https://image-gen-proxy.vercel.appto facilitate authentication and image generation tasks. This behavior is documented as a core feature to allow 'zero-setup' usage without individual API keys. - [PROMPT_INJECTION]: The script
tools/generate.jsprovides an indirect prompt injection surface by accepting user-provided text through the--promptargument and interpolating it directly into network requests without sanitization. 1. Ingestion points: Untrusted user input enters through the--promptCLI argument intools/generate.js. 2. Boundary markers: No delimiters or safety instructions (e.g., 'ignore embedded commands') are used to wrap the user prompt. 3. Capability inventory: The skill is capable of making network requests to external APIs and returning image URLs to the user. 4. Sanitization: No input validation or escaping is performed on the prompt before it is sent to the remote API.
Audit Metadata