Trust Assessment
Flux 2 Flash 图像生成 received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Potential Server-Side Request Forgery (SSRF) via image_urls parameter.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Potential Server-Side Request Forgery (SSRF) via `image_urls` parameter. The skill's `submit_task` function, when used in image editing mode, accepts an `image_urls` parameter which is an array of arbitrary URLs. The underlying system (either the agent executing `submit_task` or the `fal-ai` service) will fetch content from these URLs. This creates a potential Server-Side Request Forgery (SSRF) vulnerability. An attacker could provide URLs pointing to internal network resources (e.g., `http://localhost/admin`, cloud metadata endpoints, or internal services) to probe the internal network, access sensitive data, or trigger actions. This broad access to arbitrary URLs constitutes an excessive permission. Recommendation: implement strict URL validation and sanitization for the `image_urls` parameter. Restrict allowed schemes (e.g., only `http`, `https`), disallow private IP ranges, loopback addresses, and potentially sensitive domains. Consider using a proxy or dedicated service for fetching external images to isolate the agent's network. | LLM | SKILL.md:39 |
Full report: https://skillshield.io/report/aae32bb2d2a7c0e0