image-generation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a Python script to execute image generation tasks via the OpenAI API.
- [EXTERNAL_DOWNLOADS]: The script downloads image data from OpenAI's API and associated image hosting URLs.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
- Ingestion points: The
promptargument ingenerate_image.py. - Boundary markers: None.
- Capability inventory: File system writing to a specified directory and network access to the OpenAI API.
- Sanitization: None. This surface is characteristic of image generation tools and represents a low risk.
- [SAFE]: Sensitive data is managed through environment variables rather than hardcoded secrets.
Audit Metadata