扫描报告
0 /100
oatda-video-status
Check the status of an asynchronous video generation task from OATDA
A straightforward video task status checker that reads a declared credentials file and calls a legitimate API endpoint using curl. No hidden functionality, obfuscation, or suspicious patterns detected.
可以安装
Skill is safe to use. Ensure ~/.oatda/credentials.json permissions are restricted to the user only.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ | READ | ✓ 一致 | SKILL.md reads ~/.oatda/credentials.json for API key |
| 网络访问 | READ | READ | ✓ 一致 | SKILL.md makes GET requests to https://oatda.com/api/v1/llm/video-status/<TASK_I… |
5 项发现
中危 外部 URL 外部 URL
https://oatda.com SKILL.md:4 中危 外部 URL 外部 URL
https://oatda.com/api/v1/llm/video-status/ SKILL.md:40 中危 外部 URL 外部 URL
https://cdn.example.com/video.mp4 SKILL.md:52 中危 外部 URL 外部 URL
https://cdn.example.com/video-direct.mp4 SKILL.md:53 中危 外部 URL 外部 URL
https://oatda.com/api/v1/llm/video-status/minimax-T2V01-abc123 SKILL.md:88 目录结构
1 文件 · 3.6 KB · 101 行 Markdown 1f · 101L
└─
SKILL.md
Markdown
安全亮点
✓ No obfuscation (no base64, eval, or encoded strings)
✓ All network calls use domain names, not raw IPs
✓ No credential exfiltration - only reads local config file
✓ Simple GET request pattern - no suspicious POST payloads
✓ No hidden instructions in HTML comments or elsewhere
✓ No shell execution beyond declared curl/jq commands
✓ Credential access is explicitly declared and necessary for functionality