Skills
skills/eturkes/claude-scientific-skills/generate-image/Gen Agent Trust Hub

generate-image

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill communicates with the OpenRouter API (openrouter.ai) to generate images. This is a standard and expected network operation for its intended functionality.
  • [DATA_EXFILTRATION]: It transmits user-provided text prompts and local image data to OpenRouter's servers. This is necessary for the image generation process and targets a reputable service.
  • [PROMPT_INJECTION]: The skill processes external inputs and possesses capabilities that create a surface for indirect prompt injection.
  • Ingestion points: Processes a text prompt and an optional input image file path provided via command-line arguments in scripts/generate_image.py.
  • Boundary markers: No delimiters or safety instructions are used to wrap the user-provided prompt during the API request.
  • Capability inventory: The script performs file reads (input images, .env files), file writes (saving the generated image), and network requests (API interaction).
  • Sanitization: No validation or sanitization is performed on the input prompt text before it is sent to the remote model.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 10:49 PM