Skills
skills/anygenio/anygen-skills/anygen-image/Gen Agent Trust Hub

anygen-image

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were identified during the analysis of the skill's code and instructions.
  • [COMMAND_EXECUTION]: The skill utilizes local Python scripts and the sessions_spawn capability to perform its tasks. These executions are scoped to the internal scripts provided with the skill.
  • [EXTERNAL_DOWNLOADS]: Fetches generated image assets and thumbnails from the verified vendor domain www.anygen.io.
  • [DATA_EXFILTRATION]: User-specified prompts and reference files are transmitted to the AnyGen API at www.anygen.io. This communication is integral to the skill's function and is restricted to the vendor's domain.
  • [CREDENTIALS_UNSAFE]: The skill securely stores the ANYGEN_API_KEY in ~/.config/anygen/config.json with restricted 0600 permissions. Additionally, all API requests use allow_redirects=False to prevent potential credential leakage through redirects.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 04:49 AM