qwencloud-text
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/gossamer.py` uses `subprocess.run` to execute a local version-checking script from a companion skill, enabling automated update notifications within the vendor's ecosystem.
- [EXTERNAL_DOWNLOADS]: The skill includes instructions for the agent to install official companion utilities from the `QwenCloud/qwencloud-ai` repository using the `npx skills` package manager.
- [DATA_EXFILTRATION]: The library `scripts/qwencloud_lib.py` contains functionality to upload local files to Alibaba Cloud OSS storage. This is a primary feature used to enable the AI model to process document and image inputs provided by the user.
- [CREDENTIALS_UNSAFE]: The skill enforces best practices for API key management, providing detailed documentation on using environment variables and implementing masking logic in the shared library to prevent secret leakage in logs.
Audit Metadata