baoyu-imagine
Pass
Audited by Gen Agent Trust Hub on May 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill performs its primary functions by interacting with established and reputable AI providers through their official APIs.
- [COMMAND_EXECUTION]: The skill utilizes
execFileSyncto invoke the systemcurlbinary within thegoogle.tsprovider module. This is specifically implemented to provide proxy support for network requests in environments where the runtime's native fetch implementation may be unreliable. The execution parameters are internally controlled and the request body is passed via standard input. - [EXTERNAL_DOWNLOADS]: The skill fetches generated image data from the content delivery networks of various AI providers. These downloads are performed as an essential step in the image generation workflow and originate from well-known technology organizations.
- [PROMPT_INJECTION]: The skill provides the ability to load image prompts from local files via the
--promptfilesargument. This ingestion point represents an attack surface for indirect prompt injection if the source files are controlled by an untrusted party, though it is the core feature for the tool's batch and file-based workflows. - Ingestion points: Prompt contents are ingested from local files in
scripts/main.tsusing thereadPromptFromFileshelper. - Boundary markers: None; content from files is used directly as the prompt input for the AI models.
- Capability inventory: The skill can perform network operations via fetch and curl, read from and write to the local file system, and execute the curl subprocess.
- Sanitization: No validation or sanitization is performed on the prompt strings before they are transmitted to the provider APIs.
Audit Metadata