douyin-hotlist-overall
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's Python runner (
scripts/run.py) makes network requests tohttps://ai-skills.aito fetch real-time data. This destination is explicitly disclosed in theSKILL.mdfrontmatter under the security section. - [COMMAND_EXECUTION]: The skill provides a Python script (
scripts/run.py) intended for execution to poll the API. The script handles input parameters safely via JSON parsing and does not use dangerous functions likeeval()oros.system(). - [CREDENTIALS_SAFE]: The skill manages authentication using an environment variable (
AISKILLS_API_KEY), which is passed in the request header to the authorized API endpoint. This follows best practices for secret management.
Audit Metadata