fal-restore
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs its intended function of image restoration by communicating with the official fal.ai service.
- [COMMAND_EXECUTION]: The script uses curl and jq for API interaction. All shell variables used in command arguments are double-quoted within the script logic, which prevents argument splitting and ensures parameters are passed as single strings to the underlying tools.
- [CREDENTIALS_UNSAFE]: The skill includes a helper command to store an API key in a local .env file. This is a documented, standard method for managing environment secrets and does not involve hardcoding or leaking credentials.
Audit Metadata