gpt-image

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The static analysis tool flagged several files for prompt injection. Upon manual review, these are benign educational examples and documentation. Specifically, 'references/craft.md' and 'references/gallery-research-paper-figures.md' contain examples of how to illustrate or describe prompt injection attacks in technical figures (e.g., No. 95 in the research paper gallery). These are not attempts to override the agent's behavior but are intended for training and reference.
  • [CREDENTIALS_UNSAFE]: The skill correctly handles the OpenAI API key by reading it from the 'OPENAI_API_KEY' environment variable. No hardcoded secrets or unsafe credential handling practices were observed.
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs dependencies from official and trusted sources. It uses the 'openai' and 'python-dotenv' packages from PyPI. The installation instructions point to the author's official GitHub repository ('wuyoscar/gpt_image_2_skill').
  • [DATA_EXFILTRATION]: No patterns of data exfiltration were found. The tool communicates only with the official OpenAI API endpoints for image generation and editing.
  • [DYNAMIC_EXECUTION]: The entry-point script 'scripts/generate.py' dynamically adjusts the Python path to import its core logic from the local 'src' directory. This is a standard practice for distributed Python tools and does not pose a security risk in this context.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 04:00 AM