Pass
Audited by ClawScan on May 1, 2026.
Overview
The artifacts are coherent for creating Chanjing lip-sync videos, with disclosed but important handling of local API credentials and uploaded media.
This skill does not show malicious behavior in the provided artifacts. Before installing, confirm you trust Chanjing with the videos/audio/text you upload, keep CHANJING_API_BASE set to the official endpoint unless you intentionally use another one, and protect ~/.chanjing/credentials.json because it contains API secrets and cached tokens.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can use your Chanjing API credentials and cache an access token locally; if CHANJING_API_BASE is changed to an untrusted host, those credentials could be sent there.
The helper sends locally stored Chanjing app_id and secret_key to the configured API base to obtain an access token. This is expected for the integration, but it is sensitive account authority.
API_BASE = os.environ.get("CHANJING_API_BASE", "https://open-api.chanjing.cc") ... data=json.dumps({"app_id": app_id, "secret_key": secret_key})
Use a dedicated Chanjing API credential, keep CHANJING_API_BASE at the official URL unless intentional, and protect the local credentials file.
Private videos, audio, or text prompts may be processed by Chanjing and exposed through a remote result URL.
The documented workflow sends user-provided video and audio to the Chanjing API and returns a provider-hosted result. This is central to the skill purpose and is disclosed.
Upload the source avatar video and optional driving audio to obtain `file_id` ... On success, return the remote video URL from the API response
Only upload media you are comfortable sending to Chanjing, and review the provider’s privacy and retention terms for sensitive content.
Some documented commands may fail or tempt users to look for replacement scripts elsewhere.
SKILL.md documents several executable helper scripts, while the provided manifest contains only SKILL.md and scripts/_auth.py. This is a packaging/provenance gap, not evidence of malicious behavior.
| `chanjing-config` | write or inspect local `app_id` / `secret_key` configuration | ... | `upload_file` | upload a local file ... | `create_task` | create a lip-sync task ... | `poll_task` | poll task status
Use only scripts supplied by a trusted package source, and ask the publisher to include or document the missing helpers.
