Skills
skills/jimliu/baoyu-skills/baoyu-imagine/Gen Agent Trust Hub

baoyu-imagine

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses execFileSync to execute the system curl command within scripts/providers/google.ts. This is utilized for API communication with Google's generative language services when an HTTP proxy is detected, serving as a workaround for specific runtime network limitations.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with various well-known AI service providers (including Google, OpenAI, Azure, DashScope, OpenRouter, Replicate, and Volcengine) to send generation prompts and download resulting image data. These connections are made to official API endpoints required for the skill's core functionality.
  • [DATA_EXFILTRATION]: The skill ingests user-provided prompt text and local image files to be used as references. This data is transmitted to the selected AI provider's API. The skill does not access sensitive system credentials or unauthorized file paths.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 06:21 AM