kie-ai
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or vulnerabilities were detected. The skill implementation is consistent with its stated functionality and follows secure development practices.
- [COMMAND_EXECUTION]: Input prompts and other parameters are passed to
jqusing the--argflag, which provides robust protection against shell command injection by treating the input strictly as data. - [EXTERNAL_DOWNLOADS]: The skill performs legitimate network requests to the
api.kie.aiservice and usescurlto download the resulting media assets to the local/tmpdirectory. - [CREDENTIALS_UNSAFE]: Authentication is handled correctly through the
KIE_AI_API_KEYenvironment variable, ensuring that no sensitive credentials or tokens are hardcoded in the script files.
Audit Metadata