Skills
skills/jezweb/claude-skills/gemini-image-gen/Gen Agent Trust Hub

gemini-image-gen

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes natural language input via the --prompt argument which is sent to the Gemini API.
  • Ingestion points: The args.prompt and args.reference variables in scripts/generate-image.py ingest external data.
  • Boundary markers: No delimiters or instructions are used to isolate user-provided prompts within the API request.
  • Capability inventory: The script can perform network requests to generativelanguage.googleapis.com and write files to the local file system.
  • Sanitization: No sanitization or validation is performed on the prompt text or file paths.
  • [EXTERNAL_DOWNLOADS]: The script connects to generativelanguage.googleapis.com to interact with the Gemini API.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 07:30 PM