Scan Report
0 /100
img-compress
Batch compress image file sizes (JPG/PNG), keep dimensions, reduce volume
Legitimate image compression tool using Pillow with no security issues found.
Safe to install
Safe to use as documented. The filesystem:WRITE permission is necessary for in-place file overwriting and is declared in SKILL.md.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | WRITE | WRITE | ✓ Aligned | SKILL.md states 'Overwrites original files (in-place)', scripts/compress_img.py:… |
| Shell | NONE | NONE | — | |
| Network | NONE | NONE | — | |
| Environment | NONE | NONE | — | |
| Skill Invoke | NONE | NONE | — | |
| Clipboard | NONE | NONE | — | |
| Browser | NONE | NONE | — | |
| Database | NONE | NONE | — |
File Tree
2 files · 3.6 KB · 125 lines Python 1f · 88L
Markdown 1f · 37L
├─
▾
scripts
│ └─
compress_img.py
Python
└─
SKILL.md
Markdown
Security Positives
✓ Script performs exactly as documented - image compression with Pillow
✓ No network communication, no data exfiltration attempts
✓ No credential harvesting or sensitive file access (~/.ssh, ~/.aws, .env)
✓ No shell execution, no subprocess calls
✓ No obfuscation (no base64, no eval, no encoded payloads)
✓ No curl|bash or wget|sh remote script execution
✓ Files are processed locally using standard PIL library
✓ Documentation accurately describes functionality and behavior