image-generation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill uses npx -y superconductor-gemini-skills to execute code from the NPM registry. This package is not from a trusted source (e.g., Google or Anthropic) and lacks version pinning, creating a significant supply chain risk.
  • [REMOTE_CODE_EXECUTION] (HIGH): The use of npx with an unverified package allows for arbitrary code execution on the user's system.
  • [COMMAND_EXECUTION] (MEDIUM): The skill invokes local shell scripts and binaries with interpolated arguments, which could be exploited if input is not properly sanitized.
  • [INDIRECT PROMPT INJECTION] (HIGH): The skill processes untrusted image and video files via the --file argument (Ingestion point: SKILL.md examples) and has the capability to execute commands and write files to the system (Capability inventory: npx, bash, file-write). No boundary markers or sanitization steps are present to mitigate instructions embedded in processed media.
  • [METADATA POISONING] (MEDIUM): The description uses the nonsensical model name 'Nano Banana Pro', which is misleading and potentially obscures the tool's true behavior.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:36 PM