add-image-vision
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads source code from the vendor's GitHub repository (github.com/qwibitai/nanoclaw-whatsapp.git) and installs the 'sharp' image processing package using npm.
- [COMMAND_EXECUTION]: Uses shell commands to modify the environment and manage services, including 'git merge' for code integration and 'launchctl kickstart' to restart the 'com.nanoclaw' service on macOS.
- [PROMPT_INJECTION]: The skill establishes an attack surface for indirect prompt injection by processing untrusted data.
- Ingestion points: WhatsApp image attachments.
- Boundary markers: No specific delimiters or safety instructions are defined for the processed image content.
- Capability inventory: Subprocess execution (git, npm, launchctl) and file system access (sessions and logs).
- Sanitization: There is no evidence of content sanitization or validation for the images before they are passed to the agent as multimodal blocks.
Audit Metadata