skills/wuchubuzai2018/expert-skills-hub/apiyi-gpt-image-2-gen/Socket

apiyi-gpt-image-2-gen

Warn

Audited by Socket on Apr 27, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

SUSPICIOUS. 技能目标与图片生成/编辑能力基本一致，但核心问题是它把用户内容和凭证路由到第三方 APIYI 网关，而非上游官方 OpenAI 接口；再叠加通过个人 GitHub 仓库经 skills CLI 分发的转移信任链，整体风险高于普通文档型技能。未见明显恶意窃密或隐蔽行为，但数据流与发布归属存在显著信任偏移。

Confidence: 88%Severity: 74%

Audit Metadata

Analyzed At

Apr 27, 2026, 08:03 AM

Package URL

pkg:socket/skills-sh/wuchubuzai2018%2Fexpert-skills-hub%2Fapiyi-gpt-image-2-gen%2F@0fa55b290ff825df2bfd988daae99368a36feb92