videoagent-director

Fail

Audited by Socket on Mar 9, 2026

2 alerts found:

Obfuscated File x2

Obfuscated File (HIGH)
tools/director.js

The provided script is not directly malicious: it contains no obfuscated or dynamic execution, no remote shell/backdoor primitives, and no immediate destructive operations. However, it carries moderate supply-chain and privacy risks: hardcoded default proxy endpoints will exfiltrate prompts unless overridden, and tokens are cached insecurely in a world-accessible temp file. Operators should (1) set IMAGE_PROXY/VIDEO_PROXY/AUDIO_PROXY to trusted endpoints, (2) prefer providing tokens via env vars instead of relying on proxy-issued tokens, (3) secure or avoid the token cache (use a secure store or restrict permissions), and (4) avoid running with sensitive prompts against untrusted defaults. If these mitigations are not acceptable, treat use of this package as a security concern.

Confidence: 98%

Obfuscated File (HIGH)
SKILL.md

Benign overall: The skill's footprint is coherent with its purpose of autonomous storyboard and asset generation from natural-language briefs, with a reasonable scope that does not require sensitive credentials. The architecture emphasizes local orchestration and per-shot execution via director.js, which is appropriate for the described use-case. The primary risk area is reliance on external hosted proxies for execution; ensure proxies are trusted, sources are verifiable, and the network paths are documented. No credential exfiltration or dangerous behaviors are evident from the provided description.

Confidence: 98%

Audit Metadata

Analyzed At: Mar 9, 2026, 02:19 AM
Package URL: pkg:socket/skills-sh/pexoai%2Fpexo-skills%2Fvideoagent-director%2F@230376adbc3f6ab8deb034af017bf9e08ed4f3e8