article-illustrator
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs file system operations including creating directories (illustrations/{topic-slug}/), reading user-provided markdown files, and modifying those files to insert image references.
- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8):
- Ingestion points: Reads article content from a user-provided file path (
path/to/article.md). - Boundary markers: No explicit delimiters or 'ignore' instructions are defined when interpolating article content into illustration prompts.
- Capability inventory: File read/write access and the ability to trigger other image generation skills.
- Sanitization: No sanitization or filtering of the article content is performed before prompt generation.
- [DYNAMIC_EXECUTION]: The skill implements dynamic loading of configuration or logic from
EXTEND.mdfiles found in either the project directory or the user's home directory (~/.content-gen-skills/article-illustrator/EXTEND.md). This allows for behavior modification via local files.
Audit Metadata