Security audit
Security checks across malware telemetry and agentic risk
This skill appears to do what it says: it uses a RedFox API key to fetch public Bilibili creator video lists by UID.
Install only if you are comfortable giving this skill a RedFox API key and sending Bilibili UIDs you query to RedFox for lookup. Treat REDFOX_API_KEY as a secret, do not paste it into chats or commit it to repos, and rotate or revoke it if exposed.
def get_api_key() -> str:
val = os.environ.get("REDFOX_API_KEY", "")
if not val:
print("[error] 未找到环境变量 REDFOX_API_KEY,请确认已设置 API Key", file=sys.stderr)
sys.exit(1)# Bilibili Portfolio Search / bilibili-portfolio-search ---
# B站搜账号下作品集 / bilibili-portfolio-search ---
--- name: bilibili-portfolio-search description: B站账号作品列表实时查询工具。根据B站UP主的UID获取该UP主发布的最新视频作品列表,支持游标翻页浏览更多作品。当用户想查看某个B站UP主的作品列表、B站账号视频、UP主投稿列表时使用。 ---
# Core Workflow ## Step 1:理解用户意图,提取UID
65/65 vendors flagged this skill as clean.