Fähigkeiten generate-image Audit-Verlauf
🎨

Audit-Verlauf

generate-image - 4 Audits

Audit-Version 4

Neueste Sicher

Jan 17, 2026, 07:28 AM

All 153 static findings are FALSE POSITIVES. The skill is a legitimate image generation tool using OpenRouter API. The static scanner flagged standard API key handling, base64 image encoding, and documentation code blocks as suspicious patterns. No malicious intent or exfiltration behavior was found. The code performs exactly as documented - generating images via API calls to https://openrouter.ai/api/v1/chat/completions.

4
Gescannte Dateien
966
Analysierte Zeilen
4
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

🌐 Netzwerkzugriff (1)
scripts/generate_image.py:144-145
📁 Dateisystemzugriff (1)
scripts/generate_image.py:71-72
🔑 Umgebungsvariablen (1)
scripts/generate_image.py:22-35
⚙️ Externe Befehle (1)
SKILL.md:36-42

Audit-Version 3

Sicher

Jan 17, 2026, 07:28 AM

All 153 static findings are FALSE POSITIVES. The skill is a legitimate image generation tool using OpenRouter API. The static scanner flagged standard API key handling, base64 image encoding, and documentation code blocks as suspicious patterns. No malicious intent or exfiltration behavior was found. The code performs exactly as documented - generating images via API calls to https://openrouter.ai/api/v1/chat/completions.

4
Gescannte Dateien
966
Analysierte Zeilen
4
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

🌐 Netzwerkzugriff (1)
scripts/generate_image.py:144-145
📁 Dateisystemzugriff (1)
scripts/generate_image.py:71-72
🔑 Umgebungsvariablen (1)
scripts/generate_image.py:22-35
⚙️ Externe Befehle (1)
SKILL.md:36-42

Audit-Version 2

Sicher

Jan 12, 2026, 04:57 PM

All 99 static findings are FALSE POSITIVES. The skill is a legitimate image generation tool using OpenRouter API. The static scanner flagged standard API key handling, base64 image encoding, and documentation code blocks as suspicious patterns. No malicious intent or exfiltration behavior was found. The code performs exactly as documented - generating images via API calls.

2
Gescannte Dateien
467
Analysierte Zeilen
4
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

🌐 Netzwerkzugriff (1)
scripts/generate_image.py:144-145
📁 Dateisystemzugriff (1)
scripts/generate_image.py:71-72
🔑 Umgebungsvariablen (1)
scripts/generate_image.py:22-35
⚙️ Externe Befehle (1)
SKILL.md:36-42

Audit-Version 1

Sicher

Jan 4, 2026, 04:28 PM

This is a legitimate image generation script. It reads a local .env file for the OpenRouter API key and sends prompts and optional images to the documented OpenRouter endpoint. No credential harvesting, persistence mechanisms, or execution of external code was found. The code behavior matches its stated purpose.

5
Gescannte Dateien
697
Analysierte Zeilen
4
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

⚡ Enthält Skripte (1)
scripts/generate_image.py:1-282
🌐 Netzwerkzugriff (1)
scripts/generate_image.py:144-160
📁 Dateisystemzugriff (3)
scripts/generate_image.py:25-35 scripts/generate_image.py:40-60 scripts/generate_image.py:63-72
🔑 Umgebungsvariablen (1)
scripts/generate_image.py:22-35
← Zurück zum Skill