doc-image-agent
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill relies on well-known and trusted external packages, specifically the `requests` library for Python and the Playwright MCP package for Node.js.
- [EXTERNAL_DOWNLOADS]: Instructions are provided to download and install official browser runtimes via the `playwright install` command.
- [COMMAND_EXECUTION]: The workflow involves executing a bundled Python script (`scripts/generate_image.py`) and browser automation tools to capture and process images.
- [DATA_EXFILTRATION]: The skill performs legitimate network communication with the OpenRouter API to fulfill image generation requests based on user-provided prompts.
- [CREDENTIALS_UNSAFE]: Security best practices are followed for credential management; API keys and site logins are accessed via environment variables, with explicit instructions to prevent exposure or hardcoding.
- [SAFE]: The skill ingests data from Markdown files to drive its automation. While this represents a surface for indirect instruction, the risk is mitigated by the specific marker formats and the context of its primary document-processing purpose.
  - Ingestion points: Markdown files located in `cases/{article-id}.md`.
  - Boundary markers: Not explicitly used for the input document content.
  - Capability inventory: Includes browser automation (`mcp_playwright_browser_*`), shell command execution (via the generation script), and file system writes.
  - Sanitization: Not explicitly implemented for the ingested Markdown markers.
Audit Metadata