baoyu-image-gen

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses execFileSync in the Google provider module (scripts/providers/google.ts) to run the system curl binary. This is documented as a workaround for Bun's fetch implementation, which does not handle long-lived proxy connections well. Execution is limited to the curl binary, and arguments are passed as a structured array rather than a shell string, so no shell is spawned and shell metacharacters in the arguments are not interpreted.
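The pattern the finding describes, as an added illustration that is not the skill's own code: a hypothetical helper that assembles a curl argv for execFileSync. The endpoint host allowlist, the header name and the option set are assumptions. It also shows the two checks a reviewer would apply to this pattern beyond "no shell": the URL is validated and placed after `--` so nothing caller-controlled can be parsed as a curl option, and the request body goes over stdin rather than argv.

```typescript
import { execFileSync } from "node:child_process";

// Assumption: the only host this helper may talk to.
const ALLOWED_HOSTS = new Set(["generativelanguage.googleapis.com"]);

// Build the argv for curl. Every element is a single argument: a value such as
// `k; rm -rf /` stays one string and is never seen by a shell. The remaining
// risk with argv-style execution is argument injection (a value that curl
// itself parses as an option, e.g. "-o"), which the URL check and "--" close.
function buildCurlArgs(endpoint: string, apiKey: string): string[] {
  const url = new URL(endpoint); // throws on anything that is not a URL
  if (url.protocol !== "https:") {
    throw new Error("refusing non-https endpoint");
  }
  if (!ALLOWED_HOSTS.has(url.hostname)) {
    throw new Error(`host not allowed: ${url.hostname}`);
  }
  return [
    "--silent",
    "--show-error",
    "--fail-with-body",         // curl >= 7.76; keeps the error body on 4xx/5xx
    "--max-time", "600",        // long-lived request, but not unbounded
    "-H", "Content-Type: application/json",
    "-H", `x-goog-api-key: ${apiKey}`, // note: visible in `ps` on shared hosts
    "--data-binary", "@-",      // body read from stdin, kept out of argv
    "--",                       // end of options: the URL can never be an option
    url.href,
  ];
}

// Run curl with the structured argv; the JSON body is supplied via stdin.
function postJson(endpoint: string, apiKey: string, body: string): string {
  return execFileSync("curl", buildCurlArgs(endpoint, apiKey), {
    input: body,
    encoding: "utf8",
    maxBuffer: 64 * 1024 * 1024,
  });
}
```

Only `buildCurlArgs` is exercised offline; `postJson` performs the real request and is shown so the stdin handoff is visible.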
  • [DATA_EXFILTRATION]: The skill transmits user prompts and reference image data to well-known and reputable AI service providers, including Google, OpenAI, OpenRouter, Alibaba Cloud, and Volcengine. These network operations are fundamental to the skill's purpose of generating AI images via official APIs.
  • [CREDENTIALS_UNSAFE]: Sensitive API keys are managed through environment variables and local .env files located in the user's home directory or project folder (.baoyu-skills/). The skill correctly instructs users to use these standard secret management practices rather than hardcoding credentials.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads content from local files (via --promptfiles) and inserts it into the prompt sent to external AI models. It does not wrap that content in explicit boundary markers that would mark it as untrusted data. This is common among image generation tools, and the risk is reduced by the safety filters of the target AI providers.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 11:31 AM