Dangerous exec
- Finding
- Shell command execution detected (child_process).
Security checks across static analysis, malware telemetry, and agentic risk
The skill does what it says (local image compression) but the bundle contains a large unrelated image-generation toolset and documentation that discusses writing API keys and persisting config — these extras are out-of-scope and raise caution before use.
This skill's primary compressor CLI (scripts/main.ts, doctor/ensure-ready/setup) is coherent with its description and appears safe for local image compression. However, the package bundles a large 'shared-image-generation' toolset and documentation that instructs agents to persist API keys and write .image-skills configuration. Before installing or running anything in this bundle:
- Treat the repo as more than a small compressor: review files under scripts/vendor/shared-image-generation and scripts/vendor/weryai-* for network calls or code that reads/writes environment variables or secret files.
- Do not run bootstrap/npm install or any vendor scripts until you audit the package.json files and vendor script contents; those will pull third-party packages into your environment.
- Ensure you have no sensitive environment variables (IMAGE_GEN_API_KEY or other secrets) set in the environment if you only intend to use the compressor, and avoid running scripts that mention persisting keys.
- If you only need compression, run the specific compressor CLI (npm run compress / bun scripts/main.ts) in a sandboxed/test environment, and use doctor/ensure-ready with --json to inspect detected tools before proceeding.
Given the mixed contents and conflicting guidance about secrets/config persistence, proceed with caution and review the vendor code paths that handle API keys and model discovery before granting it broader rights or running install/bootstrap steps.
SkillSpector findings are pending for this release.
VirusTotal findings are pending for this skill version.