VLM
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The script processes external image URLs and user-supplied prompts which creates a surface for indirect prompt injection if the processed content contains malicious instructions. * Ingestion points: imageUrl and prompt parameters in the main function of scripts/vlm.ts. * Boundary markers: None; inputs are interpolated directly into the message array. * Capability inventory: Minimal; the script only logs results to the console via console.log. * Sanitization: No validation or escaping is performed on external inputs.
- [External Downloads] (LOW): The script depends on the z-ai-web-dev-sdk package, which is not on the established list of trusted sources and should be manually verified.
Audit Metadata