ai-image-generation
Warn
Audited by Socket on May 12, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The core purpose matches the capability—image generation via a hosted CLI gateway—but the skill expands trust through transitive skill installation, broad `belt *` execution, and intermediary data routing through inference.sh instead of direct model-provider APIs. This looks more like a platform wrapper than a narrowly scoped image skill; not clearly malicious, but medium risk due to supply-chain and trust-boundary concerns.
Confidence: 81%Severity: 63%
Audit Metadata