storyboard-generator
Fail
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: A hardcoded Gemini API key (`AIzaSyDvvGGRbH4Os3Er0dYi0kE_AzE3_2b_Az8`) is exposed in the `SKILL.md` file within both the command example in Phase 4 and the API configuration table.
- [COMMAND_EXECUTION]: The skill executes the local Python script `scripts/generate_image.py` using `python3` to generate images and manage local file storage.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted user stories and interpolates them into image generation prompts without sanitization.
  * Ingestion points: User story descriptions provided during Phase 1 of the `SKILL.md` workflow.
  * Boundary markers: The skill lacks robust delimiters to isolate user-provided content from the system instructions and prompt templates.
  * Capability inventory: The skill has the ability to execute a local script with the power to perform network requests and write to the local filesystem.
  * Sanitization: No validation or sanitization logic is applied to the user-provided story strings before they are used as command-line arguments.
Recommendations
- AI detected serious security threats
Audit Metadata