Skills
skills/horace4444/extend-my-claude-code/image-converter/Gen Agent Trust Hub

image-converter

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • [EXTERNAL_DOWNLOADS] (INFO): The skill requests installation of 'pillow' and 'pillow-heif' from PyPI. These are trusted, industry-standard libraries for image processing.
  • [DATA_EXFILTRATION] (SAFE): All identified code snippets perform local file operations. No network-based exfiltration (curl, wget, or requests) was found.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external image files which is a potential injection surface. Evidence Chain: 1. Ingestion: Image.open() reads untrusted files. 2. Boundary Markers: Absent. 3. Capability Inventory: File-write (img.save()) across multiple snippets. 4. Sanitization: Handled by the Pillow library's internal parser. Risk is low as the skill transforms pixel data rather than interpreting content as instructions.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 12:33 PM