gemini-imagegen
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE] (SAFE): The skill utilizes the
GEMINI_API_KEYenvironment variable for authentication, which is the recommended practice to avoid hardcoding secrets. - [EXTERNAL_DOWNLOADS] (SAFE): All network interactions are directed toward official Google API endpoints at
generativelanguage.googleapis.com. - [PROMPT_INJECTION] (SAFE): The prompt templates and instructions do not contain any patterns designed to bypass safety filters or override agent behavior.
- [COMMAND_EXECUTION] (SAFE): The provided command-line examples (python, curl) are for legitimate API interaction and local file management, utilizing standard arguments and expected inputs.
- [DATA_EXFILTRATION] (SAFE): Access to local files is restricted to reading specified image inputs and saving generated outputs, consistent with the skill's primary function.
Audit Metadata