alicloud-ai-audio-tts-voice-design
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses the dashscope library, which is the official Python SDK for Alibaba Cloud's DashScope and Model Studio services.
- [CREDENTIALS_UNSAFE]: The documentation references standard practices for managing Alibaba Cloud credentials using the DASHSCOPE_API_KEY environment variable or the ~/.alibabacloud/credentials file. No hardcoded secrets were found in the scripts or documentation.
- [PROMPT_INJECTION]: The skill ingests user-provided voice descriptions and text content as primary inputs. 1. Ingestion points: voice_prompt and text arguments in scripts/prepare_voice_design_request.py. 2. Boundary markers: Not present in the generated JSON request. 3. Capability inventory: The helper script is limited to JSON preparation and schema validation. 4. Sanitization: Relies on standard JSON serialization.
Audit Metadata