baoyu-cover-image
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A comprehensive evaluation of the skill's instructions and reference files indicates that it is designed for local content processing and image generation. No obfuscation, unauthorized network calls, or safety bypasses were found.
- [COMMAND_EXECUTION]: The skill guides the agent to use shell commands for managing its own configuration directory (
.baoyu-skills/). These operations are restricted to checking file existence and creating directories for user preferences, adhering to standard functional practices. - [PROMPT_INJECTION]: The skill utilizes a surface for indirect prompt injection by processing article content to generate metadata for image prompts. However, this is documented as a core feature for extracting visual themes, and the extracted data is directed to an image generation backend rather than being executed as system instructions.
Audit Metadata