Trust Assessment
qwen-image received a trust score of 34/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 1 critical, 2 high, 1 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Suspicious import: requests, Potential data exfiltration: file read + network send.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints Python requests POST/PUT to URL Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/robin797860/qwen-image/scripts/generate_image.py:125 | |
| HIGH | Potential data exfiltration: file read + network send Function 'main' reads files and sends data over the network. This may indicate data exfiltration. Review this function to ensure file contents are not being sent to external servers. | Static | skills/robin797860/qwen-image/scripts/generate_image.py:176 | |
| HIGH | Arbitrary File Write via filename argument The `scripts/generate_image.py` script allows users to specify an arbitrary `filename` via the `--filename` argument. The script then attempts to create and write the generated image content to this path. This could allow an attacker to write to sensitive locations on the filesystem, potentially overwriting critical system files, user data, or configuration files, leading to denial of service, privilege escalation, or other severe impacts. Restrict the `filename` argument to a specific, sandboxed directory (e.g., a temporary directory or a user-specific output directory). Implement path sanitization to prevent directory traversal attacks (e.g., `../`). For example, only allow the filename without path components and save it to a predefined secure location, such as `Path(safe_output_dir) / Path(args.filename).name`. | LLM | scripts/generate_image.py:139 | |
| MEDIUM | Suspicious import: requests Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/robin797860/qwen-image/scripts/generate_image.py:92 |
Scan History
Embed Code
[](https://skillshield.io/report/d9121566eb64858a)
Powered by SkillShield