ai-handler

Integrates Replicate AI models with background processing and S3 storage, managing user credits for efficient AI predictions.

Install this skill

82/100

Security score

The ai-handler skill was audited on Feb 28, 2026 and we found 6 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 132

Template literal with variable interpolation in command context

SourceSKILL.md

132	path: `generations/${generationId}.png`,

medium line 21

Webhook reference - potential data exfiltration

SourceSKILL.md

21	- Wait for completion (polling or webhook).

low line 104

Webhook reference - potential data exfiltration

SourceSKILL.md

104	// Replicate usually takes time. We can use waitForEvent if using webhooks,

low line 105

Webhook reference - potential data exfiltration

SourceSKILL.md

105	// or simple polling loop with sleep if webhooks aren't set up.

medium line 29

Access to .env file

SourceSKILL.md

29	- `REPLICATE_API_TOKEN` in `.env`.

low line 86

Access to .env file

SourceSKILL.md

86	const replicate = new Replicate({ auth: process.env.REPLICATE_API_TOKEN });

Scanned on Feb 28, 2026

View Security Dashboard

Installation guide →

GitHub Stars 201

Rate this skill

Categorydevelopment

UpdatedApril 5, 2026

openclaw api backend ml-ai-engineer backend-developer data-engineer replicate development

aiskillstore/marketplace