baoyu-image-gen

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it reads content from external files via the --promptfiles and --ref arguments and includes it directly in prompts sent to image generation models.
    • Ingestion points: The scripts/main.ts script uses the readFile function to ingest content from user-specified file paths.
    • Boundary markers: No specific delimiters or instructions (e.g., 'ignore embedded instructions') are used to isolate or mark the ingested content within the final prompt.
    • Capability inventory: The script is capable of making network requests to external AI provider APIs and writing generated image data to the local filesystem.
    • Sanitization: No sanitization, validation, or escaping of the ingested file content is performed before processing.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the npx package runner and the bun runtime, and depends on well-known technology packages including the Vercel AI SDK (ai) and @ai-sdk/google.
  • [COMMAND_EXECUTION]: The skill documentation suggests using Bash commands (test -f) to verify the existence of configuration files on the host system.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 07:30 AM