imgnAI Katana API
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The artifact files could not be inspected in this run, and the only available negative signal is a single VirusTotal detection, which is not enough by itself to classify the skill as risky.
This result is low confidence because the artifact files were not readable during the review. Re-run the scan with workspace inspection working before relying on this verdict.
Publisher note
This skill uses curl to call the imgnAI Katana API (kat.imgnai.com) for image, video, and text generation. Network access is required for all API operations. Credentials (KATANA_API_KEY, KATANA_API_SECRET) are read from a local secrets file and sent as Bearer auth headers to kat.imgnai.com only. Optional ffmpeg usage for local video post-processing. No data is sent to any other endpoint. Shell script to manage API submissions, polling status, and other API operations.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
1/63 vendors flagged this skill as malicious, and 62/63 flagged it as clean.
Risk analysis
No visible risk-analysis findings were reported for this release.