The Agent Skills Directory

[SAFE]: The skill's scripts (image_pipeline.py, batch_ops.py, image_info.py, smart_crop.py, and montage_builder.py) serve as wrappers for ImageMagick, rembg, and sips. Analysis of the Python code confirms that all external command invocations via subprocess.run() use list-based arguments, effectively mitigating shell injection risks even when processing potentially untrusted file paths or JSON-defined processing steps. The skill handles image metadata (EXIF/ICC) via magick identify and parses it safely into JSON format. No patterns indicative of data exfiltration, credential theft, or unauthorized persistence were identified. Dependencies such as Pillow and rembg are standard, well-known libraries in the image processing ecosystem.

image-forge