baoyu-imagine

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION
EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: In scripts/providers/google.ts, the skill utilizes execFileSync to invoke the system curl binary. This is explicitly implemented as a workaround for Bun runtime socket issues when communicating through HTTP proxies. The command is invoked with structured arguments and does not use a shell, significantly reducing the risk of argument injection.
  • [EXTERNAL_DOWNLOADS]: The skill establishes network connections to well-known and trusted AI service providers including Google Gemini, OpenAI, Azure, OpenRouter, and Replicate. These downloads are limited to the retrieval of generated image data and API responses as part of the skill's primary function.
  • [SAFE]: Secret management follows industry standards by instructing users to provide API keys via environment variables or local .env files (e.g., OPENAI_API_KEY, GOOGLE_API_KEY). No hardcoded credentials or sensitive tokens were found within the codebase.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 09:44 PM