qizhuo-selfie
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill interacts with 'api.wavespeed.ai' to upload reference images and download generated results. This is the core functionality of the skill and uses standard API patterns with an environment-variable based API key.
- [COMMAND_EXECUTION]: The skill includes a bash wrapper script ('qizhuo-selfie.sh') that executes the core Python logic. This is a standard utility pattern for CLI accessibility.
- [SAFE]: The skill explicitly defines and checks a 'DISABLED_SCENES' list (mirror_selfie, beach_selfie, etc.) to prevent the generation of potentially inappropriate or logically inconsistent content.
Audit Metadata