byted-viking-developer
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or security vulnerabilities were identified within the skill's instruction files or accompanying resource documentation.
- [EXTERNAL_DOWNLOADS]: The skill guides developers to install official SDKs (e.g.,
vikingdb-python-sdk,volcengine-go-sdk) and references trusted Bytedance/Volcengine domains (e.g.,volcengine.com,volces.com,byteimg.com). These are recognized well-known services and do not pose a security risk. - [CREDENTIALS_UNSAFE]: Code examples correctly demonstrate security best practices by using environment variables (e.g.,
os.getenv("VIKINGDB_AK")) or generic placeholders (e.g.,"your AK","****") for authentication. No actual hardcoded secrets or sensitive credentials were found. - [COMMAND_EXECUTION]: Code snippets provided are standard implementation examples for Java, Go, and Python to interact with the Viking API. They do not contain any arbitrary or high-risk command execution patterns.
Audit Metadata