pollinations
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation references local shell scripts such as scripts/chat.sh and scripts/image.sh which are used to execute API calls from the host.
- [EXTERNAL_DOWNLOADS]: The skill uses curl to fetch AI-generated content from gen.pollinations.ai, an established service for generative AI models.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability surface. ● Ingestion points: user input provided as arguments to shell scripts or embedded in curl prompts. ● Boundary markers: no delimiters or instructions to ignore embedded commands are documented. ● Capability inventory: subprocess execution for shell scripts and network access for API requests. ● Sanitization: no evidence of input validation or prompt escaping is provided.
Audit Metadata