add-image-vision
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | REMOTE_CODE_EXECUTION | PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill adds a git remote and fetches code from 'https://github.com/qwibitai/nanoclaw-whatsapp.git', which is the vendor's official repository.
- [COMMAND_EXECUTION]: Executes several shell commands to manage the skill lifecycle, including 'git merge' to integrate code, 'npm install' for dependencies, 'npx vitest' for verification, and 'launchctl kickstart' to restart the service on macOS.
- [REMOTE_CODE_EXECUTION]: The skill integrates remote code from the 'skill/image-vision' branch into the local source directory and executes a local build script './container/build.sh' to update the agent's runtime environment.
- [PROMPT_INJECTION]: The skill processes image attachments from WhatsApp, creating an attack surface for indirect prompt injection (Category 8) where instructions within images could influence agent behavior.
  - Ingestion points: Image attachments retrieved via the WhatsApp channel integration in 'src/channels/whatsapp.ts'.
  - Boundary markers: None explicitly defined in the skill instructions for the image content blocks passed to the model.
  - Capability inventory: The skill has access to git, npm/package management, shell script execution via 'build.sh', and system service management via 'launchctl'.
  - Sanitization: Images are processed and resized using the 'sharp' library before being base64-encoded for the agent.
Audit Metadata