j-cover
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes user-provided images. While there is a potential for an image to contain text that influences the AI, the skill's specific instructions for layout and typography act as a restrictive template that limits the impact of such injections.
- [Prompt Injection] (SAFE): The prompt uses strong instructional language (e.g., 'CRITICAL', 'MUST NOT') to define the layout, but it does not attempt to override the underlying AI agent's safety guidelines or system instructions.
- [Data Exposure & Exfiltration] (SAFE): No file system access or network communication patterns were detected. The skill operates entirely within the context of the provided image and generated text.
- [Remote Code Execution] (SAFE): No external dependencies, scripts, or dynamic code execution patterns are present.
Audit Metadata