ormus-illustrator

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local command execution as its primary interface, invoking Python scripts (generate.py, replicate.py, midjourney.py, pixellab.py) to process user requests. These commands are executed within the user's local environment to interact with external AI services.
  • [SAFE]: Prompt interpolation for image generation is handled using double quotes in the command examples, which helps prevent basic shell command injection. The skill relies on standard platform capabilities for its intended purpose.
  • [SAFE]: Authentication procedures, such as using the gcloud CLI for Gemini or environment variables for PixelLab, are documented clearly and follow established security best practices for credential management.
  • [SAFE]: No evidence of obfuscation, data exfiltration, or unauthorized privilege escalation was found in the skill metadata or instructional content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 11:30 AM
Security Audit — agent-trust-hub — ormus-illustrator