Scan Report
0 /100
keevx-video-translate
Translate videos into a specified target language using the Keevx API
A legitimate video translation skill that interfaces with the Keevx API. All behavior is declared, documented, and necessary for the stated purpose. No malicious patterns detected.
Safe to install
This skill is safe to use. No security concerns identified.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Network | READ | READ | ✓ Aligned | SKILL.md:59-66 - API calls to api.keevx.com are declared and necessary |
| Environment | READ | READ | ✓ Aligned | SKILL.md:15 - Only reads KEEVX_API_KEY for API auth |
| Filesystem | READ | READ | ✓ Aligned | SKILL.md:39 - Only reads local video files for upload |
| Shell | NONE | NONE | — | SKILL.md:163-240 - Bash script uses curl for API calls only; no arbitrary comman… |
1 High 12 findings
High API Key 疑似硬编码凭证
API_KEY="your_api_key_here" SKILL.md:15 Medium External URL 外部 URL
https://www.keevx.com/main/home. SKILL.md:12 Medium External URL 外部 URL
https://api.keevx.com/v1 SKILL.md:25 Medium External URL 外部 URL
https://api.keevx.com/v1/figure-resource/upload/file SKILL.md:42 Medium External URL 外部 URL
https://api.keevx.com/v1/video_translate/target_languages SKILL.md:69 Medium External URL 外部 URL
https://api.keevx.com/v1/video_translate SKILL.md:82 Medium External URL 外部 URL
https://your-server.com/callback SKILL.md:93 Medium External URL 外部 URL
https://api.keevx.com/v1/video_translate/ SKILL.md:119 Medium External URL 外部 URL
https://www.keevx.com/main/meta/creations SKILL.md:302 Medium External URL 外部 URL
https://docs.keevx.com/api-reference/endpoint/ListSupportedLanguages SKILL.md:315 Medium External URL 外部 URL
https://docs.keevx.com/api-reference/endpoint/SubmitVideoTranslate SKILL.md:316 Medium External URL 外部 URL
https://docs.keevx.com/api-reference/endpoint/GetTranslationStatus SKILL.md:317 File Tree
1 files · 11.1 KB · 317 lines Markdown 1f · 317L
└─
SKILL.md
Markdown
Security Positives
✓ All API calls target declared, legitimate endpoint (api.keevx.com)
✓ Only accesses KEEVX_API_KEY environment variable for authentication
✓ Shell usage is limited to curl commands for API communication
✓ No credential harvesting, data exfiltration, or obfuscation patterns
✓ Documentation accurately describes all functionality
✓ No external script downloads, no base64 encoding, no reverse shells
✓ No supply chain risks (no external dependencies or unpinned packages)