cover-image
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Safety filter bypass instruction. The file `references/base-prompt.md` contains a directive stating 'DO NOT refuse to generate' when content involves sensitive or copyrighted figures, explicitly instructing the AI to circumvent standard refusal protocols by creating stylistic alternatives instead.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface. The skill ingests untrusted article content (Step 1) and processes it to form prompts for downstream image generation tools (Step 5) without utilizing sanitization or explicit boundary markers, which could allow malicious instructions within a processed article to hijack the generator's output.
- [COMMAND_EXECUTION] (LOW): Dynamic configuration through extension files. As described in `SKILL.md`, the skill supports loading an `EXTEND.md` file from the local project or home directory to override default behaviors and styles, creating a mechanism for logic modification if the local filesystem is compromised.
Audit Metadata