image-generate

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to obtain and write API keys/ARK_API_KEY/MODEL_* environment variables into workspace env files and retry, which requires handling and embedding secret values verbatim (exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts arbitrary external reference image URLs via the task fields and CLI options (--image / --images) and the script (scripts/image_generate.py) sends those URLs to the image API and also downloads returned image URLs with requests.get, so untrusted third‑party images are ingested and used by the model and can materially influence generation.