seedance-prompt-en
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (LOW): The installation instructions recommend using 'npx skills add dexhunter/seedance2-skill', which fetches and executes code from a third-party registry and repository. This source is not included in the list of trusted external organizations.
- External Downloads (LOW): The README includes curl commands to download markdown files from an untrusted GitHub repository ('dexhunter/seedance2-skill') directly to the user's local hidden configuration directory (~/.claude/skills/). While the action is restricted to markdown files, it originates from an unverifiable source.
Audit Metadata