infographic-v2

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill correctly handles sensitive Gemini API keys by storing them in a local ".env" file and verifying that ".env" is added to ".gitignore". This approach prevents accidental exposure of credentials in shared environments or version control systems.
  • [SAFE]: Shell operations are limited to benign project directory management, such as creating folders for images and prompts, and updating configuration files with user-provided keys.
  • [SAFE]: The skill uses official MCP tools for image generation, ensuring that external operations are conducted through authorized channels consistent with the skill's stated purpose.
  • [PROMPT_INJECTION]: The skill processes untrusted user input to derive visual concepts and generate prompts for image creation. While this creates a surface for indirect prompt injection, the risk is minimal and inherent to the nature of AI image generation tasks. Ingestion point: Phase 1 (SKILL.md); Boundary markers: Absent; Capability inventory: File system management and image generation tool access; Sanitization: Absent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 03:09 AM