meme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill communicates with api.memegen.link to fetch images. This is the core functionality and no unauthorized downloads or script executions are present.
- [COMMAND_EXECUTION] (SAFE): The scripts/meme_generator.py file uses standard libraries for string manipulation and does not execute shell commands or dynamic code.
- [DATA_EXFILTRATION] (SAFE): No patterns for accessing credentials, SSH keys, or environment variables were identified.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted data to construct URLs. 1. Ingestion points: User-provided text in triggers and the style parameter. 2. Boundary markers: None. 3. Capability inventory: Generates external image URLs for markdown display. 4. Sanitization: Uses urllib.parse.quote and urlencode to safely handle user input within URLs.
Audit Metadata