baoyu-comic
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- Indirect Prompt Injection (LOW): The skill implements a workflow that ingests untrusted source material to generate comic storyboards and image prompts, creating an attack surface for Indirect Prompt Injection (Category 8).\n
- Ingestion points: Untrusted source content is directly appended to the system-style instructions in
references/base-prompt.mdand processed by thereferences/analysis-framework.md.\n - Boundary markers: The prompts use simple headers (e.g., 'content provided below') but lack robust delimiters or specific 'ignore embedded instructions' directives to protect against adversarial content.\n
- Capability inventory: The skill includes a TypeScript utility
scripts/merge-to-pdf.tscapable of file system read/write operations (viareadFileSyncandBun.write).\n - Sanitization: There is no evidence of content sanitization, filtering, or validation before the source material is interpolated into the generation pipeline.\n- Unverifiable Dependencies (LOW): The file
scripts/merge-to-pdf.tsdepends on thepdf-libpackage. While this is a standard and well-regarded library for PDF manipulation, it is an external dependency not included in the pre-approved trusted list. The finding is rated LOW because the dependency is directly related to the skill's primary purpose of document assembly.
Audit Metadata