Knowledge Comic Creator

Name: baoyu-skills/baoyu-comic
Author: jimliu

View on GitHub↗

Share on X Share on LinkedIn Share on Bluesky

100Critical

This skill is vulnerable to arbitrary

ThreatsCI SM CS BC S HITL

Behavior Analysis

Mismatch detected — The skill's description implies it directly performs 'sequential image generation'. However, the detailed workflow shows it delegates the actual image generation to an 'installed image generation skill' and image compression to system tools, acting as an orchestrator rather than a direct image creator.

Claims to do

Knowledge Comic Creator: Create original knowledge comics with flexible art style × tone combinations.

Actually does

The skill processes input content and user options to generate a storyboard, character definitions, and image prompts. It then orchestrates comic creation by invoking an external image generation skill to produce comic pages and character sheets, optionally compressing images using `sips` or `pngquant`. Finally, it uses `scripts/merge-to-pdf.ts` (executed via `bun` or `npx`) to merge the generated images into a PDF.

Threat Analysis

AI Agent Traps ↗Scanned 4/15/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoning1 finding

Cognitive StateMemory & Learning1 finding

Behavioural ControlAction4 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namejimliu/baoyu-skills/baoyu-comic

Registrygithub

Versione13092ba2af1

PURLpkg:github/jimliu/baoyu-skills@e13092ba2af1?skill=baoyu-comic

Stars14,596

Installs15,300

Source

Repository ↗SKILL.md ↗

SHA-256a2665a1e51b1...

SHA-189929339c971...

MD56bc282335ec0...

TLSH1162d7760cc3...

ssdeep384:xf0m4qOy...

Size15,140 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

GitHub

https://github.com/jimliu/baoyu-skills/tree/main/skills/baoyu-comic

15,300 installs

Claude CodeDocs

/plugin marketplace add jimliu/baoyu-skills

/plugin install baoyu-comic@jimliu/baoyu-skills

Skills.shDocs

npx skills add https://github.com/jimliu/baoyu-skills --skill baoyu-comic

Assessments (3)

AI Agent Traps ↗

Arbitrary Code Execution via Script Runnercriticalcommand execution

The skill explicitly defines a mechanism to execute TypeScript scripts using 'bun' or 'npx'. If script names or arguments are not properly sanitized, this can lead to arbitrary code execution.

100% confidenceline 124

Agent Execution Instructions:
1. Determine this SKILL.md file's directory path as `{baseDir}`
2. Script path = `{baseDir}/scripts/<script-name>.ts`
4. Resolve `${BUN_X}` runtime: if `bun` installed → `bun`; if `npx` available → `npx -y bun`

External Command Execution for Image Processingcriticalcommand execution

The skill directly invokes system commands like 'sips' (macOS) and 'pngquant' for image compression. Lack of input sanitization for file paths could allow command injection.

100% confidenceline 220

Or system tools: `sips -s format jpeg -s formatOptions 80 input.png --out output.jpg` (macOS)
Or: `pngquant --quality=65-80 input.png -o output.png`

Potential Path Traversal in Output Directoryhighdata exfiltration

The output directory path `comic/{topic-slug}/` uses a user-derived 'topic-slug'. Insufficient sanitization of this slug could enable path traversal attacks, leading to arbitrary file writes or reads.

80% confidenceline 115

Output directory: `comic/{topic-slug}/`
Slug: 2-4 words kebab-case from topic

Sub-Agent Spawning and Tool Use Dependencyhighsub agent spawning

The skill invokes an external image generation skill (e.g., 'baoyu-imagine'). This introduces a supply chain risk, as vulnerabilities or malicious intent in the invoked skill could be exploited.

90% confidenceline 200

Invoke an installed image generation skill such as `baoyu-imagine`
Read that skill's `SKILL.md` and follow its documented interface

Reliance on External Configuration File (EXTEND.md)mediummemory poisoning

The skill loads configuration from `EXTEND.md` in specific user or project directories. If an attacker can modify this file, they could poison the agent's preferences or introduce malicious configurations.

80% confidenceline 250

CRITICAL: If EXTEND.md not found, MUST complete first-time setup... Path: `.baoyu-skills/baoyu-comic/EXTEND.md` | `$HOME/.baoyu-skills/baoyu-comic/EXTEND.md`

Description Mismatchlowdescription mismatch

The skill's description implies it directly performs 'sequential image generation'. However, the detailed workflow shows it delegates the actual image generation to an 'installed image generation skill' and image compression to system tools, acting as an orchestrator rather than a direct image creator.

85% confidence

Description: 'Creates original educational comics with detailed panel layouts and sequential image generation.' Workflow: 'Invoke an installed image generation skill such as `baoyu-imagine`', 'Use available image compression skill (if any) Or system tools: `sips`... Or: `pngquant`...'

Dependencies (1)

baoyu-skills.claude-plugin/marketplace.jsonnot scanned

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/jimliu/baoyu-skills/baoyu-comic.svg)](https://mondoo.com/ai-agent-security/skills/github/jimliu/baoyu-skills/baoyu-comic)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/jimliu/baoyu-skills/baoyu-comic"><img src="https://mondoo.com/ai-agent-security/api/badge/github/jimliu/baoyu-skills/baoyu-comic.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/jimliu/baoyu-skills/baoyu-comic.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow