PonyFlash - Media Generation Router

What to consider before installing/using this skill: - Secret handling: The SKILL.md asks you to provide a PonyFlash API key (PONYFLASH_API_KEY). The registry metadata does not declare that key — treat this as a red flag and avoid pasting secrets directly into public chat logs. Prefer setting the API key in a secure per-agent secret store or as an environment variable scoped to the agent process, not in an open chat message. - Runtime installs: The instructions tell you to run `pip install ponyflash` at runtime. Before doing that, review the 'ponyflash' package on PyPI (or its source repository) to ensure it is legitimate and inspect its code. Consider installing in a fresh virtualenv or sandbox rather than system-wide. - External downloads: The included scripts download subtitle fonts from mirrors.aliyun.com and jsdelivr. Those are public CDNs; this behavior is plausible, but confirm you are comfortable with the network calls and the specific URLs (you can override them with PONYFLASH_NOTO_FONT_URL). - Local script behavior: The shell and Python scripts operate on local files and create caches under ~/.cache/ponyflash/fonts and temporary task directories. If you run media_ops.sh or ensure_subtitle_fonts.sh, they will read/write those locations. Run these scripts in a controlled workspace and inspect them first if you have privacy concerns. - How to reduce risk: - Do not paste API keys into chat. Configure PONYFLASH_API_KEY via your agent's secret/environment configuration or provide it interactively in a private, secure channel if your agent supports it. - Inspect the 'ponyflash' SDK source or pin a known-good version before installing. Use a virtualenv or container for runtime installs. - If you only need local FFmpeg editing, you can avoid the cloud path — the FFmpeg scripts do not require the API key. - If you must run the skill, run it in a sandbox or test environment first and verify network activity (which hosts the SDK communicates with) and the outputs before trusting it with sensitive data. - What would change this assessment: If the registry metadata is updated to explicitly declare required env vars (PONYFLASH_API_KEY) and primary credential, and if there is a clear, discoverable, trusted source for the 'ponyflash' SDK (official GitHub/PyPI with matching provenance), my confidence would increase toward 'benign'. Conversely, evidence of the 'ponyflash' pip package being untrusted/malicious would raise severity. Overall: the skill appears to implement the advertised features, but the undeclared API-key dependency, the recommendation to paste the key into chat, and runtime package downloads are coherence and operational-risk issues — proceed with caution.