section-dividers
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The
remove-bg.tsscript performs network requests to the Replicate API (api.replicate.com) to process images. It uploads local image data and downloads the resulting transparent PNG. Replicate is a well-known AI service provider, and this activity is consistent with the skill's primary purpose of background removal. - [COMMAND_EXECUTION]: The skill utilizes several local TypeScript scripts (e.g.,
analyze-bg.ts,colorize.ts,defringe.ts,slice-divider.ts) via thebunruntime. These scripts are used for analyzing image colors and performing standard image transformations such as tinting and cropping. - [CREDENTIALS_UNSAFE]: Security best practices are followed for API authentication. The skill correctly retrieves its Replicate API token from environment variables (
REPLICATE_API_TOKENorREPLICATE_API_KEY) rather than using hardcoded values.
Audit Metadata