post-process-logo
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill uses a shell command block to execute a local Python script (
scripts/logos/post-process-logo.py) viapoetry run. This is consistent with the skill's primary purpose of image processing. - [EXTERNAL_DOWNLOADS] (LOW): The skill requires external Python dependencies (e.g., Pillow) to be installed via
poetry install, which fetches packages from public registries. - [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection.
- Ingestion points: Filenames and paths within the user-provided 'Input folder' (SKILL.md).
- Boundary markers: Absent; the skill does not specify delimiters or warnings for the agent when handling these paths.
- Capability inventory: Shell execution via
poetry runusing environment variablesINPUT_IMAGEandOUTPUT_IMAGE(SKILL.md). - Sanitization: Not mentioned; if the agent interpolates untrusted filenames directly into the
exportcommand, it could lead to command injection.
Audit Metadata