image-generation-enhanced
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructions establish an attack surface for indirect prompt injection by directing the agent to ingest and process untrusted user-provided prompt strings and external files.
- Ingestion points: User-provided prompts, reference images, and external files (e.g., '@prompt.md') referenced in SKILL.md.
- Boundary markers: No protective delimiters or warnings to ignore embedded instructions are included in the workflow.
- Capability inventory: The skill leverages the 'minibanana' CLI tool to execute image generation tasks using these untrusted inputs.
- Sanitization: There are no explicit instructions for validating, escaping, or sanitizing the input data before it is passed to the generation tool.
Audit Metadata