openai-image-gen
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell scripts (
generate.sh,batch-gothic.sh) to executecurlcommands. These commands interact with the official OpenAI API (api.openai.com) to generate and download images. This is the intended primary function of the skill. - [DATA_EXFILTRATION]: While the skill uses the
OPENAI_API_KEYenvironment variable for authentication, it only transmits this sensitive token to the legitimate OpenAI API endpoint. This is standard practice for API-based tools. - [EXTERNAL_DOWNLOADS]: The skill downloads generated image files from temporary URLs provided by OpenAI's image generation response. These downloads are a core part of the image generation workflow and originate from a well-known, trusted service.
Audit Metadata