Skip to main content
klingai-compliance-review Execute conduct compliance reviews for Kling AI integrations. Use when preparing for audits,
ensuring regulatory compliance, or reviewing security posture. Trigger with phrases like
'klingai compliance', 'kling ai audit prep', 'klingai security review', 'video generation compliance'.
npx skills add jeremylongshore/claude-code-plugins-plus-skills --skill klingai-compliance-review ai automation claude-code devops mcp ai-agents
Kling AI Compliance Review
Overview
Security and compliance assessment framework for Kling AI integrations. Covers data handling, credential management, content policy, privacy, and regulatory considerations.
Data Flow Assessment
User Prompt → [Your App] → [Kling AI API] → [Kling GPU Cluster]
↓
[Your CDN] ← download ← [Kling CDN (temporary URL)] ← Generated Video
Data Residency
Data Location Retention Prompts Sent to Kling servers (China/global) Processing only Generated videos Kling CDN (temporary URLs) ~24-72 hours API keys Your infrastructure You control Audit logs Your infrastructure You control
Security Checklist
Credential Security
Keys rotated quarterly
Separate keys per environment
JWT tokens never logged
Access key prefix logged (first 8 chars only)# Safe logging pattern
def safe_log_key(access_key: str) -> str:
return access_key[:8] + "..." + access_key[-4:]
Network Security
Input Validation
Output Handling
Privacy Assessment Question Consideration Do prompts contain PII? Filter PII before sending to API Do images contain faces? Check consent requirements (GDPR Art. 6) Are generated videos stored? Define retention policy Who has access to generated content? RBAC on storage layer Cross-border data transfer? Kling API servers may be in China
GDPR Considerations class GDPRCompliantClient:
"""Kling client with GDPR data handling."""
def __init__(self, base_client, audit_logger):
self.client = base_client
self.audit = audit_logger
def text_to_video(self, prompt: str, data_subject_id: str = None, **kwargs):
# Log processing activity (GDPR Art. 30)
self.audit.log("processing_activity", "system", {
"purpose": "video_generation",
"data_subject": data_subject_id,
"legal_basis": "legitimate_interest",
"data_categories": ["text_prompt"],
"recipients": ["klingai_api"],
})
return self.client.text_to_video(prompt, **kwargs)
def handle_deletion_request(self, data_subject_id: str):
"""Handle GDPR right to erasure (Art. 17)."""
# Delete stored videos associated with the data subject
# Delete audit logs referencing the data subject
# Note: cannot delete data already sent to Kling API
self.audit.log("deletion_request", "system", {
"data_subject": data_subject_id,
"action": "processed",
})
Automated Compliance Check def run_compliance_check(config: dict) -> dict:
"""Run automated compliance checks against configuration."""
checks = []
# Check credential storage
if config.get("key_source") == "environment":
checks.append(("WARN", "credentials", "Using env vars; prefer secrets manager"))
elif config.get("key_source") == "secrets_manager":
checks.append(("PASS", "credentials", "Using secrets manager"))
# Check TLS
if config.get("base_url", "").startswith("https://"):
checks.append(("PASS", "tls", "HTTPS enforced"))
else:
checks.append(("FAIL", "tls", "Not using HTTPS"))
# Check content filtering
if config.get("content_filter_enabled"):
checks.append(("PASS", "content_filter", "Pre-submission filtering active"))
else:
checks.append(("WARN", "content_filter", "No pre-submission content filtering"))
# Check audit logging
if config.get("audit_logging"):
checks.append(("PASS", "audit", "Audit logging enabled"))
else:
checks.append(("FAIL", "audit", "No audit logging"))
# Print report
for status, area, message in checks:
icon = {"PASS": "OK", "WARN": "!!", "FAIL": "XX"}[status]
print(f" [{icon}] {area}: {message}")
return {
"passed": sum(1 for s, _, _ in checks if s == "PASS"),
"warnings": sum(1 for s, _, _ in checks if s == "WARN"),
"failed": sum(1 for s, _, _ in checks if s == "FAIL"),
}
Resources Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets.
Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
CLI to manage emails via IMAP/SMTP. Use `himalaya` to list, read, write, reply, forward, search, and organize emails from the terminal. Supports multiple accounts and message composition with MML (MIME Meta Language).
Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets.
Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
CLI to manage emails via IMAP/SMTP. Use `himalaya` to list, read, write, reply, forward, search, and organize emails from the terminal. Supports multiple accounts and message composition with MML (MIME Meta Language).