Skills
skills/youmind-openlab/grok-imagine-prompts-search-skill/grok-imagine-prompts/Gen Agent Trust Hub

grok-imagine-prompts

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The agent is instructed to execute a local Node.js script scripts/search.mjs to search the prompt library.
  • [EXTERNAL_DOWNLOADS]: The scripts/search.mjs script performs network requests to a vendor-provided API at https://youmind.com/youhome-api/video-prompts to fetch prompt data.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests and processes community-generated content.
  • Ingestion points: The skill fetches external data (titles, content, and descriptions) from the YouMind API in scripts/search.mjs.
  • Boundary markers: Absent. The instructions do not define delimiters for the external content or warn the agent to ignore instructions embedded in the results.
  • Capability inventory: The agent can execute shell commands via the included search script and potentially other tools depending on the platform environment.
  • Sanitization: Absent. There is no evidence of content filtering or escaping before the retrieved data is processed and presented to the user.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 23, 2026, 12:37 AM