tuzi-comic
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it uses untrusted user content to generate complex visual descriptions and prompts for further AI processing.
- Ingestion points: User-provided text or Markdown source files (saved as
source.md). - Boundary markers: Employs Markdown code blocks in the base prompt template to wrap source content, providing limited isolation.
- Capability inventory: Possesses capabilities to execute shell commands (
npx), perform local file writes (analysis.md,storyboard.md,.png,.pdf), and interface with sibling image generation skills. - Sanitization: No explicit sanitization or instruction-filtering of the user input is documented before it is interpolated into prompts.
- [COMMAND_EXECUTION]: The skill executes local commands as part of its intended operation.
- Uses
npx -y bunto invoke a sibling image generation skill (tuzi-image-gen) located at a relative path. - Recommends the use of system-level image optimization tools such as
pngquant,optipng, orsipsfor file size reduction. - Runs a local TypeScript utility (
scripts/merge-to-pdf.ts) via the Bun runtime to compile generated comic pages into a final PDF document. - [EXTERNAL_DOWNLOADS]: The skill utilizes
npx(Node Package Runner) for inter-skill communication and utility execution, which may trigger the download of packages from the npm registry (a well-known service) if dependencies are missing at runtime.
Audit Metadata