director-clip-gen

SUSPICIOUS: the stated purpose is coherent, but Kling traffic is routed through KIE, a third-party intermediary that receives prompts/media and may store files temporarily. With no install chain or obvious exfiltration beyond the declared API flow, this is not malware, but the gateway-based data flow and unspecified non-Kling endpoints create medium security risk.