alicloud-ai-multimodal-qwen-ocr
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard shell commands in its documentation for environment preparation and script validation, such as
mkdir,py_compile, andpip install. - [DATA_EXFILTRATION]: No malicious data transfer patterns were detected. The skill correctly identifies standard credential storage locations (
~/.alibabacloud/credentials) used by Alibaba Cloud tools and utilizes official API endpoints (dashscope.aliyuncs.com). - [EXTERNAL_DOWNLOADS]: The skill documentation suggests installing the
requestslibrary, a standard and well-known Python package, for managing HTTP communication with the API. - [SAFE]: The provided Python script
prepare_ocr_request.pyis a utility for JSON payload construction. It performs basic argument parsing and file writing without executing external commands, performing unauthorized network operations, or accessing sensitive files.
Audit Metadata