videoagent-image-studio
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its input parameters. \n
- Ingestion points: The
promptandnegative-promptCLI arguments intools/generate.jsare directly used to form API requests. \n - Boundary markers: The script does not utilize delimiters or specific instructions to isolate user-provided prompts from the API command structure. \n
- Capability inventory: The script performs network operations using the
fetchAPI to send data to a remote endpoint. \n - Sanitization: There is no evidence of escaping or validation logic for the user-supplied strings before they are transmitted. \n- [EXTERNAL_DOWNLOADS]: The skill fetches an ephemeral authentication token from a remote proxy (
https://image-gen-proxy.vercel.app) if one is not provided in the environment. This is performed via a standard HTTP POST request. \n- [DATA_EXFILTRATION]: User-provided prompts and generation settings are transmitted to the vendor-hosted proxy atimage-gen-proxy.vercel.app. This is the intended communication flow for the generation service. \n- [COMMAND_EXECUTION]: The skill executes as a Node.js process usingtools/generate.jsto handle image generation tasks and Midjourney actions like upscaling or variations.
Audit Metadata