kling-cli
Warn
Audited by Snyk on Jul 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires installing remote packages (e.g., "npm i -g @klingai/cli-cn --registry=https://registry.npmjs.org" and upgrading with "npm i -g <区域包名>@latest --registry=https://registry.npmjs.org"), which fetches and installs remote code from https://registry.npmjs.org at setup/runtime and thus executes untrusted code as a required dependency.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata