ai-image-generator

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches model metadata and generated image data from Google Gemini and OpenAI API endpoints. Both providers are established, trusted services.
  • [REMOTE_CODE_EXECUTION]: Includes a command pattern that pipes JSON data from a Google API to a local Python interpreter for parsing and display. While identified by automated scanners as a potential RCE pattern, in this context it is used to process structured data from a trusted source using a static local script.
  • [COMMAND_EXECUTION]: Uses Python heredocs within shell environments to manage multi-step API requests, handle base64 image decoding, and perform file system writes.
  • [COMMAND_EXECUTION]: Utilizes the Pillow (PIL) library for post-processing tasks such as image cropping and format conversion.
  • [CREDENTIALS_UNSAFE]: Properly instructs the use of environment variables (GEMINI_API_KEY, OPENAI_API_KEY) for authentication, avoiding the use of hardcoded secrets.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 04:04 PM