compress-image
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script uses
child_process.spawnto execute local binaries includingsips,cwebp, and ImageMagick (convert), as well as thewhichutility to detect available tools. These executions are scoped to the skill's primary function of image processing. - [EXTERNAL_DOWNLOADS]: The skill uses
npxto run the Bun runtime and includes a dynamic import for thesharpNode.js package, which is a standard library for image processing.
Audit Metadata