kameo

Advisory: Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.exposed_secret_literal, suspicious.potential_exfiltration

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Users or agents may run jobs against an unknown shared account, consume someone else's credits, or rely on a key that is already compromised.

Why it was flagged

The skill publishes a specific Kameo API key instead of using a placeholder, while the registry declares no primary credential or required environment variable.

Skill content

export KAMEO_API_KEY="kam_I3rd...T7fs"

Recommendation

Revoke the exposed key, replace it with a placeholder, and declare KAMEO_API_KEY as a required credential so each user supplies their own key.

What this means

A user could expose account credentials through a nonfunctional or incorrectly configured helper, and command-line passwords may also appear in shell history or process listings.

Why it was flagged

The registration helper asks for an email and password and posts them to a placeholder Supabase URL, not a clearly configured Kameo authentication endpoint.

Skill content

SUPABASE_URL="https://YOUR_PROJECT.supabase.co" ... Usage: $0 <email> <password> ... curl -s -X POST "$SUPABASE_URL/auth/v1/signup"

Recommendation

Do not use the registration helper until the real Kameo auth endpoint is verified; avoid passing passwords on the command line and document credential handling in metadata.

Concern (Medium Confidence)

ASI05: Unexpected Code Execution

What this means

If an agent passes untrusted dialogue or filenames into the enhanced workflow, a crafted value could execute local code under the user's account.

Why it was flagged

User-controlled image paths and dialogue are interpolated directly into an unquoted Python heredoc, so crafted quotes or newlines can alter the generated Python source.

Skill content

python3 << PYEOF ... with open("$IMAGE_PATH", 'rb') as f: ... enhanced = text.replace("[DIALOGUE]", "$DIALOGUE")

Recommendation

Quote the heredoc delimiter, pass user inputs through argv or environment variables, and JSON/string-escape all values before using them in Python.

What this means

Portraits, avatars, and prompt text submitted to the skill are sent to Kameo, and enhanced mode also analyzes the selected image with Gemini.

Why it was flagged

The selected local image is encoded and sent to the Kameo API, which is necessary for the stated video-generation purpose but still transfers user content to an external provider.

Skill content

"image_base64": "$(base64 -w0 "$IMAGE_PATH" ...)"; curl -s -X POST "$API_BASE/generate"

Recommendation

Use only images and dialogue you are allowed to upload to those providers, and review provider retention/privacy terms before processing sensitive faces or private media.

Findings (3)

critical: suspicious.exposed_secret_literal

Location: SKILL.md:32
Finding: File appears to expose a hardcoded API secret or token.

critical: suspicious.exposed_secret_literal

Location: USAGE.md:9
Finding: File appears to expose a hardcoded API secret or token.

critical: suspicious.potential_exfiltration

Location: scripts/generate_video.sh:57
Finding: Shell script base64-encodes a local file and sends it over the network.