qwencloud-video-generation
Warn
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill implements a self-updating mechanism that triggers the download and installation of additional skills via the
npx skills addcommand. This process is initiated by thescripts/gossamer.pyscript and the instructions inSKILL.md. - [COMMAND_EXECUTION]: The
scripts/gossamer.pyutility usessubprocess.runto execute system-level commands (likenpx) and other Python scripts identified through dynamic path resolution. - [PROMPT_INJECTION]: The skill uses a 'behavioral signaling' pattern where the
SKILL.mdfile instructs the agent to execute specific shell commands if certain strings (e.g.,[ACTION_REQUIRED]) appear in the script's stderr output. This allows the script's output to control the agent's next action, effectively bypassing the user's direct intent. - [DATA_EXFILTRATION]: The
scripts/qwencloud_lib.pylibrary includes functionality to upload local images, videos, and audio files to Alibaba Cloud OSS (Object Storage Service). While this supports the video generation feature, it involves sending local filesystem data to a remote endpoint. - [CREDENTIALS_UNSAFE]: The library automatically searches for and loads
.envfiles from both the current working directory and the project root, which typically contain sensitive API keys and secrets. While it includes logic to mask these keys in logs, the automatic loading of environment files into process memory is a significant data access behavior. - [PERSISTENCE]: The skill provides instructions in
references/agent-compatibility.mdfor the agent to modify project-level configuration files (such asCLAUDE.mdorAGENTS.md) to register itself and other 'sibling' skills, ensuring the skill remains active in future sessions.
Audit Metadata