asset-enhancer
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to numerous well-known technology and cloud services to facilitate image generation, including Cloudflare, Google (Imagen/Gemini), OpenAI, HuggingFace, NVIDIA, and specialty providers like Recraft and Ideogram. These connections are standard for the skill's stated purpose.
- [COMMAND_EXECUTION]: The skill instructions specify the use of local command-line tools for image vectorization, specifically referencing 'vtracer' and 'potrace' which are expected to be available on the system PATH.
- [DATA_EXPOSURE]: Documentation describes the use of various provider API keys (e.g., OPENAI_API_KEY, HF_TOKEN). The skill encourages standard security practices such as using environment variables for credential management.
- [DATA_INGESTION]: Processes untrusted user input in the form of asset briefs and externally generated images. To mitigate risks associated with indirect prompt injection, the skill incorporates a multi-tier validation pipeline including deterministic safety checks and moderation layers.
Audit Metadata