video-production

The skill's stated purpose aligns with its described capabilities: generate videos via Seedance and save them locally. The footprint is generally coherent, with credentials (ARK_API_KEY, SEEDANCE_ENDPOINT_ID) needed for backend access and a straightforward input-to-output flow. The main concerns are: (1) lack of explicit transport security and credential handling details for the API key, (2) absence of explicit error handling and validation for the backend response and downloaded video, and (3) reliance on environment-configured endpoints without shown trust, versioning, or allowlists. Overall, the risk is moderate (suspicious due to credential exposure potential and unverifiable backend interactions) but not obviously malicious. Recommend clarifying TLS usage, key management, and adding robust validation and error-handling in the implementation.