ray
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill transmits user-provided code to
https://ray.tinte.dev/api/v1/screenshotto generate images. This presents a potential risk if the code being processed contains sensitive information, such as API keys or private credentials, which are then exposed to the external service. - [COMMAND_EXECUTION]: The skill instructions specify the use of the
curlcommand to interact with the remote API and theopencommand to display the generated PNG file locally. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of untrusted data. \n
- Ingestion points: The skill ingests arbitrary code provided by the user or read from files via the
codeparameter. \n - Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the code as data only and ignore any embedded instructions. \n
- Capability inventory: The skill possesses network communication capabilities (
curl) and local command execution capabilities (open). \n - Sanitization: No sanitization or validation of the input code is performed before it is sent to the API or processed by the agent.
Audit Metadata