model-management
Manages text, image, and video models by adding, updating, or removing them across various providers.
Install this skill
Security score
The model-management skill was audited on May 20, 2026 and we found 22 security issues across 4 threat categories, including 3 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
Curl to non-GitHub URL
| 423 | curl -s "http://localhost:8788/v1/chat/completions" \ |
Webhook reference - potential data exfiltration
| 74 | - Dashboard, auth routes, account APIs (Stripe portal, webhook handlers, login) |
Access to hidden dotfiles in home directory
| 540 | The convention on this team is to keep the Pollinations age private key in **macOS Keychain** under service name `sops-age-key` (account = your local `$USER`). If `~/.config/sops/age/keys.txt` exists |
Access to hidden dotfiles in home directory
| 545 | for KF in ~/.config/sops/age/keys.txt ~/Library/Application\ Support/sops/age/keys.txt; do |
Access to .env file
| 94 | source _local/.env |
Access to .env file
| 99 | # 4. `_local/.env` — secrets reference |
Access to .env file
| 104 | source _local/.env |
Access to .env file
| 117 | > **`_local/.env` token labels are not guaranteed to match where they actually validate.** Before assuming a 401 means "wrong/expired token," verify the token against gen's local D1 — only keys seeded |
Access to .env file
| 124 | Provider/runtime secrets (Azure, OpenAI, OpenRouter API keys, etc.) belong in `gen.pollinations.ai/secrets/{dev,staging,prod}.vars.json` via SOPS — never in `_local/.env`. See §11. |
Access to .env file
| 209 | source _local/.env |
Access to .env file
| 418 | source _local/.env |
Prompting for API key/token input
| 117 | > **`_local/.env` token labels are not guaranteed to match where they actually validate.** Before assuming a 401 means "wrong/expired token," verify the token against gen's local D1 — only keys seeded |
Access to system keychain/keyring
| 540 | The convention on this team is to keep the Pollinations age private key in **macOS Keychain** under service name `sops-age-key` (account = your local `$USER`). If `~/.config/sops/age/keys.txt` exists |
Access to system keychain/keyring
| 544 | || { echo "Not in keychain — ask the user where their age key lives"; exit 1; } |
Access to system keychain/keyring
| 548 | printf '\n# pollinations (restored from keychain svce=sops-age-key)\n%s\n' "$SOPS_KEY" >> "$KF" |
Access to system keychain/keyring
| 555 | If `-a "$USER"` doesn't match, try without `-a` (`security find-generic-password -s "sops-age-key" -w`) and let keychain pick the only one. Recipients can rotate — read the current expected public key |
External URL reference
| 68 | | `http://localhost:8788` model tests (config, handler, registry, modalities, billing) | gen only | `POLLINATIONS_TOKEN_LOCAL` | staging workspace | |
External URL reference
| 70 | | `https://gen.pollinations.ai` | none | `POLLINATIONS_TOKEN_PROD` | prod workspace | |
External URL reference
| 212 | GEN="http://localhost:8788" # or https://gen.pollinations.ai |
External URL reference
| 370 | TB="https://api.europe-west2.gcp.tinybird.co" |
External URL reference
| 423 | curl -s "http://localhost:8788/v1/chat/completions" \ |
External URL reference
| 438 | TB="https://api.europe-west2.gcp.tinybird.co" |