gemini-image

Fail

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to read the contents of config/secrets.md, which is a sensitive file path specifically used for storing private authentication tokens and secrets.
  • [DATA_EXFILTRATION]: Sensitive credentials retrieved from the local filesystem are transmitted to a non-trusted third-party domain (https://api.apicore.ai/v1/images/generations) via an Authorization header. This pattern of reading local secrets and sending them to a third-party service provider constitutes a high-risk data exfiltration vector.
  • [COMMAND_EXECUTION]: The skill uses the curl command to perform network operations. When combined with sensitive file access, this provides a direct mechanism for the exfiltration of credentials or other local data to external endpoints.
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface.
    1. Ingestion points: Untrusted user input is accepted in the form of image descriptions and URLs.
    2. Boundary markers: Absent; user-supplied content is interpolated directly into a JSON payload for a shell command.
    3. Capability inventory: Uses curl for network access to external APIs.
    4. Sanitization: Absent; there is no validation or filtering of the input before it is used in the network request.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 8, 2026, 06:31 AM