asset-enhancer

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill connects to numerous well-known technology and cloud services to facilitate image generation, including Cloudflare, Google (Imagen/Gemini), OpenAI, HuggingFace, NVIDIA, and specialty providers like Recraft and Ideogram. These connections are standard for the skill's stated purpose.
  • [COMMAND_EXECUTION]: The skill instructions specify the use of local command-line tools for image vectorization, specifically referencing 'vtracer' and 'potrace' which are expected to be available on the system PATH.
  • [DATA_EXPOSURE]: Documentation describes the use of various provider API keys (e.g., OPENAI_API_KEY, HF_TOKEN). The skill encourages standard security practices such as using environment variables for credential management.
  • [DATA_INGESTION]: Processes untrusted user input in the form of asset briefs and externally generated images. To mitigate risks associated with indirect prompt injection, the skill incorporates a multi-tier validation pipeline including deterministic safety checks and moderation layers.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 01:47 PM
Security Audit — agent-trust-hub — asset-enhancer