Skills
skills/cinience/alicloud-skills/alicloud-ai-multimodal-qwen-omni/Gen Agent Trust Hub

alicloud-ai-multimodal-qwen-omni

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill utilizes official Alibaba Cloud (Aliyun) documentation links for reference, which are recognized as well-known and trusted sources.
  • [SAFE]: Command execution is restricted to Python bytecode compilation (py_compile) and executing an internal utility script to generate request templates within the skill's designated output directory.
  • [INDIRECT_PROMPT_INJECTION]: The skill defines an interface for processing multimodal inputs (text, image, audio), representing a potential surface for indirect prompt injection via untrusted data.
  • Ingestion points: The text, image, and audio parameters defined in the omni.chat request interface in SKILL.md.
  • Boundary markers: Absent; there are no specific delimiters or instructions provided to the agent to ignore instructions embedded in the multimodal data.
  • Capability inventory: Analysis of scripts/prepare_omni_request.py reveals no dangerous capabilities; the script is limited to basic file writing using pathlib and json modules.
  • Sanitization: No input validation, escaping, or filtering is performed on the data processed by the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 03:27 AM