douyin-hotlist-overall

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's Python runner (scripts/run.py) makes network requests to https://ai-skills.ai to fetch real-time data. This destination is explicitly disclosed in the SKILL.md frontmatter under the security section.
  • [COMMAND_EXECUTION]: The skill provides a Python script (scripts/run.py) intended for execution to poll the API. The script handles input parameters safely via JSON parsing and does not use dangerous functions like eval() or os.system().
  • [CREDENTIALS_SAFE]: The skill manages authentication using an environment variable (AISKILLS_API_KEY), which is passed in the request header to the authorized API endpoint. This follows best practices for secret management.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 12:02 AM
Security Audit — agent-trust-hub — douyin-hotlist-overall