image-generator
Warn
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses unquoted Bash heredocs (`cat << JSONEOF`) to construct JSON payloads. This configuration allows for shell variable expansion and command substitution. If the `EDIT_PROMPT` variable contains characters like backticks or `$(...)`, the shell will execute those commands on the host machine during file creation.
- [COMMAND_EXECUTION]: The skill uses `python3 -c` to execute dynamically generated Python code snippets for processing JSON responses and writing files.
- [CREDENTIALS_UNSAFE]: The setup instructions direct the user to export the `GEMINI_API_KEY` in shell profiles such as `~/.bashrc` or `~/.zshrc`. This practice places long-lived credentials in plaintext files that are common targets for credential harvesting.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of several external packages (`google-genai`, `pillow`, and `@google/genai`) from public package registries and makes network requests to `generativelanguage.googleapis.com`.
Audit Metadata