Kling AI
Security checks across malware telemetry and agentic risk
Overview
The skill appears purpose-aligned for Kling AI, but it uses real account credentials, can start billable generation jobs, and can upload selected local media.
The skill's artifacts are internally consistent with a Kling AI client. Before installing, verify the source: the description claims the skill is official, but the registry records no verified source. Expect it to use or store Kling credentials, upload media you choose, and consume paid generation quota when submitting jobs.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may place extra trust in the skill because of the word “Official.”
The skill presents itself as official, but the supplied registry metadata does not provide a verified source. This is not evidence of malicious behavior, but it matters because the skill handles credentials and billable account actions.
Description: Official Kling AI Skill... Source: unknown
Verify the publisher, homepage, and expected Kling API documentation before entering or binding credentials.
Any local user or process that can read the stored credentials file can act as the linked Kling account.
The account flow can persist Kling credentials locally. This is expected for an API client, but it is sensitive account material.
--bind-url ... writes ~/.config/kling/.credentials after exchange succeeds
Use the skill only on a trusted machine, protect the credentials file, and rotate/revoke keys if you uninstall or suspect exposure.
A normal generation or query request can trigger an account-binding flow if no credentials are configured.
Commands that need authentication may automatically start a device-binding flow when credentials are absent. This is purpose-aligned, but users should recognize it as account authorization.
console.error('\n── No credentials / 无可用凭证,启动设备绑定 bind ────\n'); await runDeviceBindFlow({}); return getBearerToken();
(The Chinese in the logged message reads "no credentials available, starting device binding".)
Only complete the bind flow if you intend to authorize this skill for your Kling account.
Submitting video or image generation tasks may consume paid quota or account resources.
The skill can submit paid generation jobs. The artifacts disclose this and include guidance against submitting jobs when the user's intent is unclear, so the capability is purpose-aligned.
Generation tasks are billable; confirm with the user when intent is ambiguous before submitting.
Give clear instructions, confirm cost-sensitive requests, and check account quota before large or repeated jobs.
A mistaken delete command could remove a custom subject from the Kling account.
The skill includes a subject deletion action against the Kling API. It requires an explicit element ID and fits the subject-management purpose, but it mutates account data.
const API_PATH_DELETE = '/v1/general/delete-elements'; ... node kling.mjs element --action delete --element_id <id>
Ask the agent to list and confirm the target element ID before deleting subjects.
Selected local media files may be sent to Kling for generation or subject creation.
The skill can read user-selected local images/videos and encode them for submission to the Kling API. The path restrictions make this proportionate to the stated media-generation purpose.
Read media file: a URL is returned as-is; a local file is read as base64 (path constrained by KLING_MEDIA_ROOTS / KLING_ALLOW_ABSOLUTE_PATHS)
Only provide media files you are comfortable uploading to Kling, and keep the default path restrictions unless you need broader access.
