{"skill":{"slug":"zhipu-cogview-image","displayName":"Skill","summary":"Generate images using Zhipu AI's CogView model","description":"---\nname: zhipu-image\ndescription: Generate images using Zhipu AI's CogView model\nallowed-tools: Bash(curl:*) Bash(jq:*)\nenv:\n  - ZHIPU_API_KEY\n---\n\n# Zhipu Image Generation\n\nGenerate images using Zhipu AI's CogView model.\n\n## ⚠️ Security Requirements\n\n**This skill requires `ZHIPU_API_KEY` environment variable to be set before use.**\n\n### Security Best Practices:\n\n1. **DO NOT store API keys in ~/.bashrc** - keys can be leaked\n2. **DO NOT source shell configuration files** - prevents arbitrary code execution\n3. **Set environment variable directly** when running the script\n\n## Setup\n\n```bash\nexport ZHIPU_API_KEY=\"your_api_key\"\n```\n\n**Get your API key from:** https://www.bigmodel.cn/usercenter/proj-mgmt/apikeys\n\n## Usage\n\n### Quick Example\n\n```bash\nexport ZHIPU_API_KEY=\"your_key\"\n\ncurl -s -X POST \"https://open.bigmodel.cn/api/paas/v4/images/generations\" \\\n  -H \"Authorization: Bearer $ZHIPU_API_KEY\" \\\n  -H \"Content-Type: application/json\" \\\n  -d '{\"model\": \"cogview-4\", \"prompt\": \"your description\"}'\n```\n\n### Using the Script\n\n```bash\nexport ZHIPU_API_KEY=\"your_key\"\n./generate.sh \"A beautiful Chinese girl in white dress\"\n```\n\n## Security Analysis\n\n### ✅ What's Safe:\n- No sourcing of ~/.bashrc or shell config files\n- Uses jq for JSON escaping (prevents injection)\n- Uses HTTPS with TLS 1.2+\n- API key via environment variable (not hardcoded)\n- Input validation (prompt length limit)\n- Generic error messages\n\n### ⚠️ Considerations:\n- **Process list visibility**: API key visible in `ps aux`\n- Use in trusted environments only\n\n## Safety Features\n\n| Feature | Implementation |\n|---------|----------------|\n| JSON escaping | jq prevents injection |\n| Input validation | Prompt length ≤1000 chars |\n| TLS | Force TLS 1.2+ |\n| Timeout | 60 second curl timeout |\n| Error handling | Generic messages only |\n\n## Model\n\nUses **CogView-4** model from Zhipu AI.\n\n## API Endpoint\n\n**Official:** `https://open.bigmodel.cn/api/paas/v4/images/generations`\n","topics":["Image Generation"],"tags":{"latest":"1.0.0"},"stats":{"comments":0,"downloads":328,"installsAllTime":12,"installsCurrent":2,"stars":0,"versions":1},"createdAt":1771694432808,"updatedAt":1778491601423},"latestVersion":{"version":"1.0.0","createdAt":1771694432808,"changelog":"- Initial release of the zhipu-image skill for generating images with Zhipu AI's CogView model.\n- Requires setting the ZHIPU_API_KEY environment variable for secure API access.\n- Includes security and usage best practices, such as avoiding key leakage and recommending safe environment variable handling.\n- Provides example curl commands and a sample script for easy image generation.\n- Highlights security features like JSON escaping, TLS enforcement, input validation, and generic error messages.\n- Uses the CogView-4 model and the official Zhipu API endpoint.","license":null},"metadata":null,"owner":{"handle":"honestqiao","userId":"s17eq3bskgcnq6br09q9b93bpx885hds","displayName":"HonestQiao","image":"https://avatars.githubusercontent.com/u/696708?v=4"},"moderation":null}