imagegen
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a local Python script (scripts/image_gen.py) that handles argument parsing, prompt augmentation, and API orchestration. The script manages local file operations for batch jobs and final image storage within designated project directories.
- [EXTERNAL_DOWNLOADS]: The skill depends on standard, widely-used Python packages (openai, pillow) fetched from official package registries.
- [DATA_EXFILTRATION]: The skill performs outbound network requests to OpenAI's official API endpoints. It explicitly implements safe credential handling by requiring the OPENAI_API_KEY to be provided via environment variables, with documentation warning the user against exposing the key in chat contexts.
- [SAFE]: Analysis of the attack surface for indirect prompt injection:
  1. Ingestion points: User-provided prompts enter the workflow through CLI arguments or JSONL input files processed by scripts/image_gen.py.
  2. Boundary markers: The skill utilizes structured prompt templates (e.g., 'Primary request:', 'Constraints:') to isolate and clarify the role of user inputs.
  3. Capability inventory: The skill is limited to writing image data to the local filesystem and performing network calls to the OpenAI API.
  4. Sanitization: The script performs filename slugification and utilizes the official OpenAI SDK for all API communication.
Audit Metadata