jiuma-ai-video-generation Security Report — Low Risk | ClawSafe

10 /100

jiuma-ai-video-generation

免费的ai视频生成创作平台，支持生成视频、图片、声音、视频动作模仿、视频人物替换。官网：https://www.jiuma.com

A legitimate AI video generation platform integration skill that stores auth tokens in the OS keyring and communicates exclusively with api.jiuma.com. No malicious behavior, credential exfiltration, or hidden functionality detected.

Skill Namejiuma-ai-video-generation

Duration49.3s

Enginepi

✓

Safe to install

This skill is safe to use. For improved transparency, consider documenting the network:READ capability in SKILL.md to explicitly declare the api.jiuma.com API calls.

Findings 4 items

Severity	Finding	Location
Low	Network access not formally declared in capability mapping The SKILL.md does not declare a capability model, and the external network requests to api.jiuma.com are not explicitly documented as a capability. Since network access is fundamental to the skill's purpose (calling the jiuma AI platform API), this is a documentation gap rather than a security violation. `No capability model declaration present` → Add a formal capability declaration section at the top of SKILL.md listing filesystem:READ, filesystem:WRITE, network:READ, and shell:WRITE permissions alongside their justifications.	`SKILL.md:1`
Low	External URLs in documentation SKILL.md references https://www.jiuma.com and https://picsum.photos/800/450 as part of the documented workflow. These are expected for a video generation platform skill. `https://www.jiuma.com` → No action needed; these URLs are integral to the skill's stated purpose.	`SKILL.md:3`
Info	Credential stored in OS keyring (not plaintext) Auth tokens are stored using the keyring library in the system keychain rather than hardcoded or stored in plaintext files. This is a positive security practice. `keyring.set_password("jiuma_ai", "authorized_token", token)` → This is appropriate. No change needed.	`scripts/auth.py:23`
Info	pip install instructions without version pinning SKILL.md Installation section uses 'pip install keyring' and 'pip install keyrings.alt' without version constraints. These are well-known packages and this is a minor practice issue. `pip install keyring` → Pin versions for reproducibility: pip install keyring==X.Y.Z keyrings.alt==X.Y.Z	`SKILL.md:123`

Resource	Declared	Inferred	Status	Evidence
Shell	`WRITE`	`WRITE`	✓ Aligned	SKILL.md: Bash commands execute Python scripts with arguments
Filesystem	`READ`	`READ`	✓ Aligned	SKILL.md: Read tool for file path verification
Filesystem	`WRITE`	`WRITE`	✓ Aligned	scripts/upload_file.py:67 — reads local files for upload via os.path.expanduser(…
Network	`NONE`	`READ`	✓ Aligned	All scripts: requests.post/get to https://api.jiuma.com/* (api.jiuma.com, api.ji…
Environment	`NONE`	`NONE`	—	No os.environ iteration found; tokens stored via keyring (not env vars)
Clipboard	`NONE`	`NONE`	—	No clipboard access found
Skill Invoke	`NONE`	`NONE`	—	No cross-skill invocation found

3 findings

🔗

Medium External URL 外部 URL

https://www.jiuma.com

SKILL.md:3

🔗

Medium External URL 外部 URL

https://picsum.photos/800/450

SKILL.md:37

🔗

Medium External URL 外部 URL

https://api.jiuma.com/

scripts/auth.py:11

File Tree

6 files · 20.4 KB · 543 lines

Python 5f · 420L Markdown 1f · 123L

├─ ▾ 📁 scripts

│ ├─ 🐍 auth.py Python 126L · 4.8 KB

│ ├─ 🐍 check_auth_status.py Python 42L · 1.1 KB

│ ├─ 🐍 submit_generation_task.py Python 90L · 3.0 KB

│ ├─ 🐍 task_result.py Python 93L · 2.8 KB

│ └─ 🐍 upload_file.py Python 69L · 1.9 KB

└─ 📝 SKILL.md Markdown 123L · 6.8 KB

Dependencies 3 items

Package	Version	Source	Known Vulns	Notes
`requests`	`not pinned`	implicit import	No	Used for all API calls; no version constraint in requirements.txt
`keyring`	`not pinned`	pip install in SKILL.md	No	Stores tokens in OS keychain; version not pinned in installation instructions
`keyrings.alt`	`not pinned`	pip install in SKILL.md	No	Backend for keyring; version not pinned

Security Positives

✓ Tokens are stored in the OS keyring via keyring library — not in plaintext files or environment variables

✓ No credential exfiltration: tokens are used only for authenticated API calls to the declared platform

✓ No suspicious patterns: no base64+eval chains, no subprocess for shell commands, no obfuscation

✓ No access to sensitive host paths (~/.ssh, ~/.aws, .env, etc.)

✓ All network calls are to a single, consistent domain (api.jiuma.com) using standard HTTPS

✓ No hidden HTML content, embedded scripts, or steganographic payloads

✓ HTTP 401 responses are handled gracefully (token expiry detection)

✓ File operations are scoped to user-provided paths with os.path.expanduser for tilde expansion

Scan Report

Findings 4 items

File Tree

Dependencies 3 items

Security Positives