image-generate
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill interacts with the OpenAI API to generate images and allows downloading files from arbitrary URLs provided during the download phase. Operations targeting the official OpenAI API are standard for this functionality.
- [COMMAND_EXECUTION]: The script performs file system operations by writing data to the local disk. The downloadImage function in both the documentation and the implementation file utilizes fs.writeFileSync to save content.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through the download command in index.js.
- Ingestion points: The command accepts a URL and an outputPath from external input (CLI arguments) that could be controlled by an attacker via a malicious prompt.
- Boundary markers: No boundary markers or instructions are present to validate the safety of the provided file paths.
- Capability inventory: The skill possesses the capability to write arbitrary data to the filesystem using fs.writeFileSync.
- Sanitization: There is no sanitization or validation of the outputPath, which could be exploited to overwrite sensitive system or configuration files if the execution environment permits.
Audit Metadata