Skills
skills/hansonyyds/beary-skills/ms-image-gen/Gen Agent Trust Hub

ms-image-gen

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION] (LOW): The script reads sensitive configuration (API key) from a file in the user's home directory (~/.modelscope-image-gen/modelscope-image-gen.local.md). While this is the intended behavior for credential management for this skill, any script reading from the home directory is noted as a potential data exposure risk.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill downloads images from URLs provided by the ModelScope API. The target domain api-inference.modelscope.cn is a legitimate endpoint for this service.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external data (prompts) which could contain malicious instructions for the downstream image model.
  • Ingestion points: The --prompt CLI argument and --batch file input in scripts/image-gen.py.
  • Boundary markers: Absent. The input is passed directly to the ModelScope API payload without delimiters.
  • Capability inventory: The script performs network requests (requests.post) to an external API and writes files (open().write()) to the local filesystem.
  • Sanitization: No validation or sanitization is performed on the prompt text before transmission.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 19, 2026, 05:09 PM