fal-upscale
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill interacts with the official fal.ai API (fal.run) to perform image and video upscaling tasks. These requests are transparently documented and use standard API interaction patterns.
- [CREDENTIALS_UNSAFE]: The script manages the 'FAL_KEY' by reading from environment variables or a local '.env' file. It provides a helper flag ('--add-fal-key') to safely initialize this file. No hardcoded credentials or secrets are present in the source code.
- [COMMAND_EXECUTION]: The shell script uses standard tools such as 'curl', 'grep', and 'mktemp' for API interaction and response processing. Arguments like '--image-url' and '--model' are handled as data for JSON payloads and are not executed as shell commands.
Audit Metadata