image-generation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill instructions direct the agent to run a shell command (`node skills/image-generate/scripts/generate_image.js "[prompt]"`) where the prompt is derived from untrusted user input. This pattern is highly susceptible to command injection if the user intent contains shell metacharacters like semicolons or backticks.
- PROMPT_INJECTION (HIGH): This skill exhibits Category 8 (Indirect Prompt Injection) vulnerabilities. It ingests untrusted user intent to generate a prompt that triggers side-effect capabilities.
  * Ingestion point: User Intent input in the prompt optimization step.
  * Boundary markers: Absent.
  * Capability inventory: `node` shell command execution and local file writes (PNG and JSON).
  * Sanitization: Not verifiable, as the script source (`generate_image.js`) is missing from the skill package.
- DATA_EXFILTRATION (LOW): The skill requires a `DASHSCOPE_API_KEY` environment variable. While it doesn't hardcode the key, the script's use of this key and its ability to write files to the local disk pose a moderate risk of data exposure if the execution logic is compromised.
Recommendations
- AI detected serious security threats
Audit Metadata