The Agent Skills Directory

[SAFE]: The skill interacts with the official OpenAI API endpoint for image generation. Communication is performed over HTTPS using standard authorization headers.
[SAFE]: Data handled from the API (image URLs and prompts) is properly sanitized. The slugify function ensures filenames are safe, and the write_gallery function uses html_escape to prevent Cross-Site Scripting (XSS) when generating the thumbnail gallery.
[SAFE]: The skill includes comprehensive unit tests (scripts/test_gen.py) specifically designed to verify that HTML escaping and sanitization logic correctly mitigate injection risks.
[SAFE]: Credential management follows best practices by retrieving the OPENAI_API_KEY from environment variables rather than hardcoding or storing it unsafely.

openai-image-gen