keyapi-tiktok-ecommerce
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill interacts with a legitimate MCP server at mcp.keyapi.ai to retrieve TikTok commerce data, which aligns with its stated purpose of market intelligence.
- [SAFE]: API credentials are managed via the KEYAPI_TOKEN environment variable and optional .env file storage, following standard security practices for secret management.
- [SAFE]: The scripts/run.js helper provides transparent logic for tool execution and local caching within the .keyapi-cache directory without any obfuscation.
- [SAFE]: Network activity is restricted to the official KeyAPI API and well-known image CDN hosts associated with the platform's infrastructure.
Audit Metadata