auto-acl-apply
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's implementation is transparent and strictly follows its stated purpose of automating Neptune platform requests.
- [DATA_EXFILTRATION]: The skill performs network requests to specific domains required for the target platform's operation.
- Evidence: Network requests are directed to 'cloud.bytedance.net', 'cloud-boe.bytedance.net', and 'cloud.byteintl.net', which are recognized infrastructure endpoints for the Neptune service.
- [CREDENTIALS_UNSAFE]: The skill handles authentication credentials provided by the user.
- Evidence: The script supports retrieving 'x-jwt-token' and 'Cookie' data from environment variables ('NEPTUNE_JWT', 'NEPTUNE_COOKIE'), which is a standard and recommended practice for CLI-based automation tools to avoid hardcoding secrets.
Audit Metadata