imagegen
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements image generation functionality using the Azure OpenAI API. All operations, including network requests and local file writing, align with the stated purpose of creating and saving images.
- [DATA_EXFILTRATION]: The skill sends text prompts to a specified Azure OpenAI endpoint (
maritimeai-resource.openai.azure.com). This is a well-known cloud service (Azure) and the data transfer is necessary for the core functionality of the skill. - [COMMAND_EXECUTION]: The skill relies on a local Node.js script (
scripts/generate-image.mjs) to orchestrate API communication and handle image data processing. The script uses standard Node.js APIs and does not execute arbitrary shell commands or untrusted code. - [DATA_EXPOSURE]: The utility includes the capability to read prompt data from local files and write binary image data to the workspace. These file system operations are constrained to the paths provided via command-line arguments and are integral to the tool's workflow.
Audit Metadata