Skills
skills/nicknisi/claude-plugins/image-gen/Gen Agent Trust Hub

image-gen

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a Node.js script (dist/generate_image.js) to perform image processing. This script uses standard Node.js APIs to parse arguments and manage the generation workflow.
  • [DATA_EXFILTRATION]: For image-to-image and inpainting features, the skill reads local files specified by the --input-image and --mask flags and transmits them to external APIs (Google Gemini and OpenAI). This is documented behavior required for the skill's primary functionality.
  • [COMMAND_EXECUTION]: The script writes output files to paths provided via the --filename flag. It uses path.resolve and fs.mkdir(..., { recursive: true }) to prepare the filesystem before writing the generated image data.
  • [SAFE]: All external dependencies and API integrations target well-known and reputable service providers (Google and OpenAI).
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 07:59 AM
Security Audit — agent-trust-hub — image-gen