image-gen
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the
uvpackage manager installer from the official Astral domain (astral.sh). - [EXTERNAL_DOWNLOADS]: Machine learning model weights for Z-Image-Turbo, FLUX.2, and SeedVR2 are fetched from established Hugging Face repositories during initial execution.
- [COMMAND_EXECUTION]: Shell and Python scripts are executed locally to manage environment setup and drive the image processing pipeline.
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection because it ingests user-defined text for image generation. However, this is the core function of the skill and has no impact on agent-level decision logic.
- Ingestion points: User-provided prompt text delivered via the
--promptargument toscripts/generate_image.py. - Boundary markers: No delimiters or boundary markers are utilized for the prompt input.
- Capability inventory: Capability to write generated image files to the local
~/.image-gen/out/directory and execute local Python sub-processes. - Sanitization: No input sanitization or filtering is applied to the prompt strings.
Audit Metadata