ai-studio-image

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to prompt injection because it processes user input and interpolates it into a larger system prompt sent to the image generation model.
    - Ingestion points: User input is ingested via the --prompt and --custom command-line arguments in the generation scripts.
    - Boundary markers: The prompt_engine.py script does not utilize delimiters (e.g., triple quotes, XML tags) or boundary markers to isolate user-provided text from the system's humanization instructions.
    - Capability inventory: The skill has the capability to perform network requests to Google AI Studio APIs and write generated assets and metadata to the local file system.
    - Sanitization: There is no evidence of sanitization or escaping of the user-provided prompt before it is concatenated into the final narrative prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 7, 2026, 03:42 PM