image-generation
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or data exfiltration attempts were detected. The skill follows established security best practices by recommending that API keys be stored in environment variables rather than being hardcoded.
- [COMMAND_EXECUTION]: The skill references legitimate commands such as 'claude mcp list' and 'ask-gemini' which are standard for managing MCP servers and executing AI requests within a developer environment. These commands are necessary for the skill's primary function and do not pose a security risk when used as intended.
- [EXTERNAL_DOWNLOADS]: The documentation mentions 'gemini-cli' as a required tool. Per the trusted vendor guidelines, resources associated with the Google Gemini ecosystem are considered trusted, and referencing these tools for legitimate functionality does not escalate the security verdict.
Audit Metadata