linkfoxai-image-tool

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill dynamically selects and executes local scripts from a scripts/ directory based on the user's operating system (e.g., .ps1 for Windows, .sh for macOS/Linux). These scripts are intended to handle image processing tasks locally before falling back to API calls.
  • [CREDENTIALS_UNSAFE]: The skill manages API authentication using the ZNOPEN_API_KEY. It reads this key from a local configuration file located at ~/.znopen/config.json and instructs the agent to help the user configure this file if the key is missing.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with the vendor's official API endpoint at https://sbappstoreapi.ziniao.com/openapi-router to perform image uploads, scene fission, and object replacement tasks when local scripts are unavailable or fail.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 08:03 AM