Scan Report
0 /100
oatda-text-completion
Generate text using OATDA's unified LLM API with support for 10+ providers
This is a pure documentation skill for text completion via the OATDA unified API. All behavior is clearly declared and documented; no hidden functionality or malicious patterns detected.
Safe to install
No action required. This skill is a straightforward LLM API wrapper with transparent documentation.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Network | READ | READ | ✓ Aligned | curl POST to https://oatda.com/api/v1/llm (line 57-63) |
| Shell | WRITE | WRITE | ✓ Aligned | Executes curl and jq commands (line 19, 57) |
| Filesystem | READ | READ | ✓ Aligned | Reads ~/.oatda/credentials.json (line 19) |
| Environment | READ | READ | ✓ Aligned | Accesses OATDA_API_KEY env var (line 19) |
4 findings
Medium External URL 外部 URL
https://oatda.com SKILL.md:4 Medium External URL 外部 URL
https://oatda.com/api/v1/llm SKILL.md:57 Medium External URL 外部 URL
https://oatda.com/dashboard/api-keys SKILL.md:98 Medium External URL 外部 URL
https://oatda.com/dashboard/usage SKILL.md:99 File Tree
1 files · 4.2 KB · 127 lines Markdown 1f · 127L
└─
SKILL.md
Markdown
Security Positives
✓ Full documentation of all API calls and parameters
✓ API key security practice: only shows first 8 characters
✓ Clear error handling for HTTP status codes (401, 402, 429, 400)
✓ Dependencies (curl, jq) and config paths declared upfront
✓ Legitimate use case: unified LLM API wrapper
✓ No base64 encoding, eval(), or suspicious patterns
✓ No hidden instructions in comments
✓ No credential exfiltration beyond necessary API usage