visual-assets-generator

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a local script, generate-svg.ts, executed via npx tsx to handle the generation and validation of animated SVGs. This script performs file system operations, specifically writing generated SVG content to user-specified output paths.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with external APIs, including Google's Gemini API for SVG generation and OpenRouter for image generation. These are well-known services used for their intended creative purposes.
  • [DATA_EXFILTRATION]: The SVG generation script accesses environment variables (GEMINI_API_KEY or VITE_GEMINI_API_KEY) to authenticate requests to the Gemini API. This is a standard practice for API-integrated tools.
  • [SAFE]: The generate-svg.ts script incorporates a security validation layer (validateSvg) that checks for and rejects generated content containing <script> tags, javascript: URIs, or excessive file sizes, mitigating risks associated with untrusted LLM output.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 11:37 AM