Skills
skills/xream/scripts/pollinations-image-gen/Gen Agent Trust Hub

pollinations-image-gen

Warn

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill runs a local Node.js script (scripts/generate.mjs). This script resolves the output path using path.resolve(process.cwd(), args.output), which allows writing files to any location accessible by the process if the user provides a specific path.
  • [EXTERNAL_DOWNLOADS]: The script downloads image data from https://gen.pollinations.ai, which is the primary functionality of the skill.
  • [PROMPT_INJECTION]: The skill processes untrusted user input that is sent to an external API, creating a vulnerability to indirect prompt injection.
  • Ingestion points: User-provided text via the --prompt CLI flag in scripts/generate.mjs.
  • Boundary markers: The prompt is URL-encoded before transmission.
  • Capability inventory: The skill has network access (fetch) and file system access (writeFile, mkdir).
  • Sanitization: No content-based sanitization or safety filtering of the prompt is performed before it is sent to the image generation service.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 18, 2026, 05:21 AM