polyv-create-channel
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a standard API wrapper for the Polyv video cloud service. It correctly manages authentication through app credentials and provides clear error handling for API and network issues.
- [COMMAND_EXECUTION]: The skill uses a local script (scripts/polyv.js) to interact with the Polyv API. The script processes command-line arguments safely and does not use dangerous functions like eval() or exec() for input processing.
- [DATA_EXFILTRATION]: The skill accesses API credentials from the local filesystem (~/.polyv-skills/config.json) and sends them to the official Polyv API endpoint (api.polyv.net) for authentication purposes. This is expected behavior for an API client and does not constitute unauthorized exfiltration.
Audit Metadata