扫描报告
5 /100
keevx-image-to-video
Use the Keevx API to convert images to videos
This is a legitimate API integration skill for Keevx image-to-video conversion with no malicious behavior detected.
可以安装
This skill is safe to use. Consider removing the hardcoded placeholder example from line 15 to avoid confusion, though it poses no security risk.
安全发现 1 项
| 严重性 | 安全发现 | 位置 |
|---|---|---|
| 低危 | Placeholder credential in documentation 文档欺骗 | SKILL.md:15 |
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 网络访问 | READ | READ | ✓ 一致 | API calls to api.keevx.com are declared and appropriate |
| 文件系统 | NONE | NONE | — | No file operations detected |
| 命令执行 | NONE | NONE | — | Only curl examples for API calls, no arbitrary execution |
| 环境变量 | READ | READ | ✓ 一致 | Reads KEEVX_API_KEY from environment as declared |
1 高危 7 项发现
高危 API 密钥 疑似硬编码凭证
API_KEY="your_api_key_here" SKILL.md:15 中危 外部 URL 外部 URL
https://www.keevx.com/main/home. SKILL.md:12 中危 外部 URL 外部 URL
https://docs.keevx.com SKILL.md:12 中危 外部 URL 外部 URL
https://api.keevx.com/v1 SKILL.md:20 中危 外部 URL 外部 URL
https://api.keevx.com/v1/figure-resource/upload/file SKILL.md:88 中危 外部 URL 外部 URL
https://api.keevx.com/v1/image_to_video SKILL.md:116 中危 外部 URL 外部 URL
https://api.keevx.com/v1/image_to_video/i2v-xxxxxxxx SKILL.md:156 目录结构
1 文件 · 7.9 KB · 276 行 Markdown 1f · 276L
└─
SKILL.md
Markdown
安全亮点
✓ No arbitrary code execution or shell commands
✓ No credential harvesting beyond using user's own API key
✓ No data exfiltration to third-party servers
✓ No obfuscation or encoded payloads
✓ All network activity is limited to the legitimate Keevx API
✓ Skill purpose and implementation are clearly documented
✓ No sensitive path access (ssh, aws, .env files)
✓ No supply chain risks - no dependencies to install