imagegen
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the official
openaiPython SDK and standard libraries to interact with image generation services, adhering to established development patterns. - [SAFE]: External dependencies are limited to
openaiandpillow. Both are reputable packages necessary for the skill's core functionality of API communication and image processing. - [SAFE]: Credential security is prioritized; the skill instructs users to configure the
OPENAI_API_KEYvia environment variables and includes explicit warnings against sharing the full key in communication channels. - [SAFE]: File system interactions in
scripts/image_gen.pyare restricted to reading local image/prompt inputs and writing generated artifacts to project-specific directories liketmp/andoutput/. - [SAFE]: While the skill processes user-supplied data (prompts and images) that could theoretically contain indirect prompt injections, the potential impact is limited to the visual content of the generated images and does not affect the safety or integrity of the agent's execution environment.
Audit Metadata