spring-ai-alibaba
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [Documentation Only] (SAFE): The skill consists entirely of Markdown-based developer guidance and code snippets. There are no executable scripts (.sh, .py, .js) or configuration files that would be run by the agent environment.
- [Credential Safety] (SAFE): The configuration examples correctly advise using environment variables (
${DASHSCOPE_API_KEY}) rather than hardcoding sensitive API keys. - [Dependency Analysis] (SAFE): The referenced Java dependencies (
com.alibaba.cloud.ai:spring-ai-starter-model-aliyun-dashscope) are standard components for the Alibaba Cloud AI ecosystem. - [No Code Execution] (SAFE): No remote code execution patterns, command execution, or network exfiltration attempts were detected.
Audit Metadata