Trust Assessment
gemini-tg-image-gen received a trust score of 59/100, placing it in the Caution category. This skill has security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 2 high, 2 medium, and 1 low severity. Key findings include "Suspicious import: requests", "Potential data exfiltration: file read + network send", and "Potential Server-Side Request Forgery (SSRF) via image URL".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, and LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential data exfiltration: file read + network send.** Function '_download_url' reads files and sends data over the network. This may indicate data exfiltration. Review this function to ensure file contents are not being sent to external servers. | Static | skills/drones277/gemini-tg-image-gen/scripts/generate_image.py:42 |
| HIGH | **Potential Server-Side Request Forgery (SSRF) via image URL.** The skill downloads image URLs provided by the OpenRouter API response. If a malicious prompt could induce the image generation model to output an internal or malicious URL, the skill would attempt to fetch content from that URL, potentially leading to SSRF and exposing internal network resources or sensitive data. While the model is for image generation, the risk of it generating an arbitrary URL, especially if prompted creatively, cannot be entirely dismissed without further validation. Implement URL validation and an allow-list to restrict image downloads to trusted domains or to block access to private IP ranges. Consider using a proxy or sandboxed environment for external requests. | LLM | scripts/generate_image.py:40 |
| MEDIUM | **Suspicious import: requests.** Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/drones277/gemini-tg-image-gen/scripts/generate_image.py:6 |
| MEDIUM | **Unpinned Python dependencies.** The Python script relies on external libraries such as `requests` but does not specify exact versions in a `requirements.txt` or `pyproject.toml` file. This can lead to non-deterministic builds, compatibility issues, or the inadvertent installation of malicious versions of dependencies if a package maintainer's repository is compromised. Add a `requirements.txt` file with pinned versions for all direct and transitive dependencies (e.g., `requests==2.28.1`). Use a dependency management tool such as `pip-tools` or `Poetry` to manage and lock dependencies. | LLM | scripts/generate_image.py:1 |
| LOW | **Markdown injection in Telegram caption.** The user's prompt is used directly as the caption of the Telegram message without sanitization. If the prompt contains markdown or other special characters, it could be interpreted by Telegram, leading to unexpected formatting, malicious link injection, or other client-side display issues. Sanitize or escape the user's prompt before using it in the Telegram caption to prevent markdown or other client-side injection. | LLM | SKILL.md:22 |