baoyu-image-gen
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill follows standard practices for managing API credentials and interacting with remote AI services.
- [EXTERNAL_DOWNLOADS]: The skill fetches generated image data from official and well-known API endpoints, including OpenAI, Google, and Alibaba Cloud (DashScope). These downloads are restricted to retrieving the binary image content resulting from user-initiated prompts.
- [DATA_EXPOSURE]: The skill accesses API keys from environment variables and local configuration files specifically designated for this tool suite (~/.baoyu-skills/.env). It does not access unrelated sensitive system files or exfiltrate credentials to unauthorized third parties.
Audit Metadata