ai-multimodal

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [CREDENTIALS_UNSAFE] (LOW): The scripts/check_setup.py script prints a preview of the GEMINI_API_KEY (first 20 and last 4 characters) to stdout. While not the full key, this practice leads to unnecessary credential exposure in execution logs.
  • [COMMAND_EXECUTION] (MEDIUM): scripts/check_setup.py implements dynamic code loading by adding ~/.claude/scripts to the Python search path and importing resolve_env. Loading executable logic from computed external paths is a security risk if the environment is not strictly controlled.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection through the processing of untrusted media.
      • Ingestion points: scripts/gemini_batch_process.py and scripts/document_converter.py ingest user-provided images, PDFs, audio, and video.
      • Boundary markers: No delimiters or instructions to ignore embedded prompts are used when passing content to the model.
      • Capability inventory: The skill makes remote API calls to Gemini models which can be influenced by malicious content in the media.
      • Sanitization: No content sanitization or validation of the media's visual/auditory instructions is performed.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:25 PM