jimeng-digital-human

Pass

Audited by Gen Agent Trust Hub on May 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill correctly manages sensitive API credentials (AccessKeyID and SecretAccessKey) by requiring them to be set as environment variables, preventing hardcoded secrets in the source code.
  • [SAFE]: All network operations are directed to official Volcengine (ByteDance) API endpoints (volcengineapi.com), which is a well-known and trusted service for its intended purpose.
  • [COMMAND_EXECUTION]: The module utilizes child_process.execSync to run curl for API requests. This implementation is safe as it employs encodeURIComponent for query parameters and writes the JSON request body to a temporary file (/tmp/jimeng_req_body.json) rather than passing it directly as a shell argument, effectively mitigating command injection risks.
  • [PROMPT_INJECTION]: The skill processes untrusted user data to generate videos, which constitutes an indirect prompt injection surface.
      • Ingestion points: imageUrl, audio_url, and prompt parameters in jimeng.js provided by the agent.
      • Boundary markers: Not explicitly implemented in the skill instructions.
      • Capability inventory: Network access via curl and local file writes via fs.writeFileSync in jimeng.js.
      • Sanitization: Inputs are JSON-encoded and encapsulated within a temporary file before being processed by the system, ensuring data is treated as a payload rather than executable instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 31, 2026, 02:29 AM
Security Audit — agent-trust-hub — jimeng-digital-human