sora
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- Official SDK Integration: The skill uses the official openai Python package to interact with the Sora API, ensuring a trusted and maintained communication channel.
- Secure Credential Handling: The OPENAI_API_KEY is managed via environment variables rather than hardcoded secrets. The documentation correctly advises users on how to set this locally, promoting secure handling of API credentials.
- Authenticated Network Access: Outbound network connections are limited to OpenAI's official API infrastructure for submitting video jobs and retrieving assets, which is the expected behavior for this skill.
- Robust Input Validation: The provided CLI script, scripts/sora.py, performs extensive validation on user-provided parameters like video dimensions, models, and durations, reducing the risk of malformed requests.
Audit Metadata