Skills
skills/bytedance/agentkit-samples/byted-sms-sender/Gen Agent Trust Hub

byted-sms-sender

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the execution of a local Python script scripts/volc_sms.py to perform API calls. This is the intended behavior for interfacing with the service.
  • [CREDENTIALS_UNSAFE]: The skill uses VOLCENGINE_ACCESS_KEY and VOLCENGINE_SECRET_KEY for authentication. It correctly handles these as environment variables or command-line arguments, avoiding hardcoded secrets in the source code.
  • [EXTERNAL_DOWNLOADS]: The script scripts/volc_sms.py requires the requests library. The documentation provides standard instructions for installing this dependency via pip.
  • [DATA_EXFILTRATION]: The skill makes outbound network requests to sms.volcengineapi.com. This is the official endpoint for ByteDance's Volcengine SMS service and is necessary for the skill's functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 03:01 PM