wiggle
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes subprocess.run in several scripts to perform its core functions. batch_export.py calls other internal scripts like optimize_lottie.py and render_lottie.py. check_dependencies.py and convert_logo_to_svg.py invoke system utilities such as ffmpeg and potrace.
- [PROMPT_INJECTION]: The skill architecture for processing external data creates a surface for indirect prompt injection. 1. Ingestion points: User-supplied SVG and image files are processed by extract_svg_elements.py and prepare_logo.py. 2. Boundary markers: No explicit delimiters or warnings are used to isolate instructions potentially embedded in file metadata. 3. Capability inventory: Scripts like extract_svg_elements.py and prepare_logo.py can write files, and others can execute shell commands. 4. Sanitization: Validation logic in validate_logo.py and validate_lottie.py verifies the format and structure of assets.
- [SAFE]: Dependency management and image processing are handled using well-known, standard Python libraries. Internal logic for dynamic package checking in check_dependencies.py is limited to verification purposes.
Audit Metadata