aliyun-vidu-video
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill performs network operations to dashscope.aliyuncs.com. This is a well-known service (Alibaba Cloud) used for the skill's primary purpose of video generation. No sensitive files are accessed or transmitted.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted user data. Ingestion points: User-provided prompts and media URLs via CLI arguments in scripts/generate_vidu_video.py. Boundary markers: None identified in the prompt construction. Capability inventory: Network requests to an external AI API using the requests library. Sanitization: No sanitization or validation of the prompt content is performed before transmission to the API. However, this is expected for a generative AI utility and is managed by the provider's safety systems.
- [COMMAND_EXECUTION]: The skill includes a validation step in SKILL.md that runs python -m py_compile to check script syntax. This is a safe and standard development practice.
Audit Metadata