gpt-atelier

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads image data and model information from OpenAI's official API (api.openai.com). This is the primary function of the skill and uses trusted infrastructure.
  • [COMMAND_EXECUTION]: The compare_models.py script uses subprocess.run to execute the system's open command. This is used to automatically display the generated HTML comparison report in the user's default browser. The command is executed using a list of arguments without a shell, which prevents shell injection vulnerabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 04:39 PM
Security Audit — agent-trust-hub — gpt-atelier