Skills
skills/stvlynn/skills/create-sticker/Gen Agent Trust Hub

create-sticker

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by interpolating raw user input into the prompt sent to the LLM.
  • Ingestion points: User input enters the script through the description argument in scripts/create_sticker.py.
  • Boundary markers: Absent. The user-provided text is directly appended to the system prompt string (prompt = f"{CHARACTER_BASE}\nAction/Pose: {desc}") without delimiters or instructions for the model to ignore embedded commands.
  • Capability inventory: The skill possesses network access via the google-genai SDK and file system write access to the user's home directory (~/stickers/) to save generated images.
  • Sanitization: No validation or sanitization is performed on the description input before it is used for prompt generation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 12:21 PM