image-generator
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
telclaudeCLI to perform image generation tasks. This tool is part of the vendor's ecosystem and is used for its intended purpose.\n- [SAFE]: No malicious patterns, such as obfuscation or persistence mechanisms, were detected in the skill configuration.\n- [CREDENTIALS_UNSAFE]: The skill follows security best practices by instructing users to manage API credentials via the tool's keychain instead of hardcoding secrets.\n- [PROMPT_INJECTION]: The skill processes user-supplied image descriptions (SKILL.md).\n - Ingestion points: User input is passed as a string argument to the image generation command.\n
- Boundary markers: Not specified in the skill instructions.\n
- Capability inventory: The skill executes shell commands with network access for image creation.\n
- Sanitization: The skill relies on the underlying command-line interface to handle argument parsing and safety.
Audit Metadata