Skills
skills/fal-ai-community/skills/fal-kling-o3/Gen Agent Trust Hub

fal-kling-o3

Fail

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: HIGHCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts kling-generate.sh and kling-video.sh contain a high-severity command execution vulnerability.
  • The --add-fal-key parameter writes user-provided input directly into a .env file using the command echo "FAL_KEY=$2" > .env.
  • Because the scripts subsequently load this file using source ".env", any shell command substitution (such as $(...)) included in the input will be executed by the shell.
  • This allows for both immediate command execution and persistent backdoors if a malicious key is saved.
  • [CREDENTIALS_UNSAFE]: The skill stores sensitive API keys in plain text in a local .env file, which increases the risk of credential exposure if the file system is accessed by unauthorized users or other processes.
  • [PROMPT_INJECTION]: The skill is vulnerable to JSON injection (schema confusion) when constructing API requests.
  • User input from the --prompt and --param arguments is interpolated directly into the PAYLOAD variable using double quotes without any escaping or validation.
  • An attacker can inject special characters like double quotes to terminate the intended JSON field and inject additional fields into the request sent to queue.fal.run.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to queue.fal.run. This is the official endpoint for the fal.ai service and is consistent with the skill's stated purpose and author context.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 7, 2026, 08:01 PM