make-image
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
pnpm neta make-imagecommand to perform its core image generation task. This is the primary intended behavior of the skill.- [PROMPT_INJECTION]: The skill uses a user-provided--promptargument, which serves as a surface for indirect prompt injection if the input contains malicious instructions. - Ingestion points: User-provided input passed to the
--promptargument inSKILL.md. - Boundary markers: None identified in the command structure.
- Capability inventory: Executes shell commands using
pnpm. - Sanitization: No input validation or escaping for the prompt text is documented.
Audit Metadata