z-image
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Communicates with the ModelScope Inference API (api-inference.modelscope.cn) to submit image generation tasks and download the resulting images.
- [EXTERNAL_DOWNLOADS]: Optionally utilizes the Anthropic API via the official Python library to perform intelligent style detection when the --auto-style flag is enabled.
- [SAFE]: Implements secure credential management by prioritizing the MODELSCOPE_API_KEY environment variable and supporting local configuration files (config/secrets.md) for API keys.
- [COMMAND_EXECUTION]: Provides a command-line interface in scripts/generate.py for initiating single and batch image generation processes.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted user input that is subsequently interpolated into LLM prompts for style classification.
  - Ingestion points: User prompts are ingested via CLI arguments in scripts/generate.py and potentially from external text files in batch mode.
  - Boundary markers: The style detection logic in scripts/style_templates.py uses clear headers such as ## 内容: to delimit user-provided content within the classification prompt.
  - Capability inventory: The skill possesses the capability to perform network requests (API calls and downloads) and write image files to the local file system.
  - Sanitization: LLM-generated style IDs are strictly validated against the predefined keys of the STYLES dictionary in scripts/style_templates.py before being used in the generation pipeline.