storyboard-generator
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves a clear, legitimate purpose of storyboarding and image generation, with no hidden or suspicious functionality identified.
- [SAFE]: Network activity in the 'scripts/generate_image.py' file is limited to making API requests to 'https://generativelanguage.googleapis.com', which is an official and well-known Google service for AI model interaction.
- [SAFE]: The Python script 'generate_image.py' relies exclusively on standard library modules (such as argparse, json, and urllib), minimizing the risk of supply chain attacks or unverified external dependencies.
- [SAFE]: Sensitive data management follows best practices by using placeholders ('REMOVED_GEMINI_KEY') instead of hardcoding live credentials within the skill files.
- [SAFE]: File system operations are transparent and restricted to creating and saving image files in the user-specified project directories.
- [SAFE]: Although the skill processes untrusted user story content (an indirect prompt injection surface), it lacks dangerous capabilities like shell command execution or network exfiltration of local data, maintaining a safe profile.
Audit Metadata