imagegen
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- Credential Management: The skill provides clear guidance on safely managing the
OPENAI_API_KEYusing environment variables and explicitly warns against disclosing the full key in the chat interface. - Input Processing: The 'prompt augmentation' workflow structures user-provided text into labeled specifications. This helps maintain context and reduces the risk of unexpected behavior by constraining how user input influences the final API request.
- Dependency Usage: The skill relies on well-established packages such as
openaiandpillow. The script uses the official OpenAI SDK for all API communications, ensuring standard security protocols are followed. - File System Safety: The bundled CLI tool includes a sanitization routine for generating filenames from user prompts. This is a positive security practice that prevents potential path traversal issues during batch generation tasks.
- Vendor Integrity: All external resources and API calls are directed to official OpenAI services, aligning with the skill's stated purpose and authorship.
Audit Metadata