Skills
skills/microlinkhq/skills/optimo/Gen Agent Trust Hub

optimo

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the optimo package via npx for one-off command execution. Since the package is a resource provided by the vendor (microlinkhq), this constitutes standard functionality.
  • [COMMAND_EXECUTION]: The utility executes media processing pipelines by calling system-installed binaries such as ffmpeg, magick (ImageMagick), svgo, mozjpegtran, and gifsicle to perform compression and format conversion on local files.
  • [PROMPT_INJECTION]: The skill processes external media files (images and videos) from the user's project directories. This represents a potential surface for indirect prompt injection if those files contain embedded instructions in metadata or SVG content; however, this is a theoretical risk common to all media utilities and is considered safe in this context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 23, 2026, 01:45 PM