@1365/stickerforge
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's logic is focused on image manipulation using the Pillow library and interacting with the OpenRouter API for character trait extraction and image generation. All observed behaviors are consistent with the provided documentation.
- [EXTERNAL_DOWNLOADS]: The skill fetches NFT assets (images and metadata) from public IPFS gateways (ipfs.io, pinata.cloud, dweb.link). These are well-known services and the downloads are necessary for the 'sticker_from_pudgy' functionality.
- [COMMAND_EXECUTION]: No dangerous shell commands or unauthorized system interactions were detected. File system operations are limited to reading input images and writing generated sticker assets to the workspace.
- [DATA_EXFILTRATION]: The skill only transmits data to the configured OpenRouter API endpoint for processing. No unauthorized data exfiltration or harvesting of sensitive information (such as credentials or environment variables) was found.
Audit Metadata