voice-notify
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill communicates with official Volcengine API endpoints at cloud-vms.volcengineapi.com. These are verified vendor resources belonging to the author 'bytedance' and do not constitute unauthorized data exfiltration.
- [COMMAND_EXECUTION]: The script scripts/voice_notify.py processes command-line arguments to build API requests. It handles data using structured JSON serialization and does not employ dangerous functions for dynamic code execution.
- [CREDENTIALS_UNSAFE]: Authentication is managed via environment variables (VOLCENGINE_ACCESS_KEY and VOLCENGINE_SECRET_KEY). This is a secure and standard practice for API integration and does not involve hardcoded secrets.
Audit Metadata