chanjing-avatar
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements standard API client functionality for media processing and task management without any detected security violations.
- [COMMAND_EXECUTION]: The script `_auth.py` contains a call to `subprocess.run` to launch an authentication helper script from a coordinated skill. This facilitates a secure login flow and does not process external or untrusted command arguments.
- [CREDENTIALS_UNSAFE]: Authentication tokens and secrets are managed via a local configuration file (`~/.chanjing/credentials.json`). This management is explicitly declared in the skill manifest and follows standard practices for CLI-based authentication tools.
- [PROMPT_INJECTION]: The skill processes structured JSON responses from the Chanjing API. While it prints messages from these responses to the user, there is no path for these messages to be interpreted as agent instructions, limiting the risk of indirect prompt injection.
  - Ingestion points: API response bodies in `scripts/poll_task.py`, `scripts/upload_file.py`, and `scripts/_auth.py`.
  - Boundary markers: Absent; API response fields are used directly for console output.
  - Capability inventory: Local file writes (credential persistence), subprocess calls (auth helper), and network requests (API interaction).
  - Sanitization: None; the skill trusts the integrity of the vendor's API responses for status and error messages.
Audit Metadata