imagegen
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation recommends installing standard Python packages (
google-genai,openai,Pillow). These are well-known, reputable libraries used for interacting with AI APIs and image processing. Under [TRUST-SCOPE-RULE], these are considered low-risk dependencies. - [PROMPT_INJECTION] (LOW): The skill ingests user-provided text prompts to generate images via external APIs.
- Ingestion points: User-supplied strings passed to
--promptarguments in commands like/imagegen:generate. - Boundary markers: Absent; the skill does not appear to wrap user input in protective delimiters before passing it to the subagent or APIs.
- Capability inventory: The skill facilitates network requests to Google and OpenAI and uses a subagent to manage generation scripts.
- Sanitization: None mentioned.
- Assessment: The impact is minimal as the output is primarily image data for display, but the lack of boundary markers makes it a surface for prompt injection that could influence the subagent's reasoning or the generation parameters.
Audit Metadata