image_editing
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill provides a surface for indirect prompt injection by processing untrusted user input.
  1. Ingestion points: User-provided text in the 'prompt' and 'mask_description' arguments for the editImage tool.
  2. Boundary markers: Absent; no delimiters or ignore-instructions warnings are used when interpolating user content.
  3. Capability inventory: The skill is limited to calling the editImage tool and does not have shell or file system access.
  4. Sanitization: No sanitization, escaping, or validation of user-provided strings is described.
- [No Code] (SAFE): The skill does not contain any executable scripts, binaries, or configuration files, which eliminates traditional malware and remote code execution risks.
Audit Metadata