ez-google-imagen
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses official Google Cloud and Gemini APIs (aiplatform.googleapis.com) to perform image generation and editing tasks. Accessing these well-known services is a legitimate and expected behavior for this tool.
- [SAFE]: Authentication is handled via Application Default Credentials (ADC) or the GEMINI_API_KEY environment variable. This adheres to security best practices by avoiding hardcoded credentials in the source code.
- [SAFE]: The script relies on standard, reputable Python libraries (google-genai, pillow, google-auth, httpx, and typer) to manage API interactions and image processing.
- [SAFE]: The instructions in SKILL.md guide the agent to execute the provided Python script locally using the 'uv' package manager, which is a common and safe practice for this environment. No unauthorized remote code execution or privilege escalation vectors were detected.
Audit Metadata