product-knowledge-qa

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references external Model Context Protocol (MCP) data services located at dashscope.aliyuncs.com. These endpoints provide financial data for funds, bonds, and wealth management products. As the domain belongs to the skill's author (Aliyun), this is identified as a legitimate vendor resource.- [COMMAND_EXECUTION]: No shell commands or subprocess executions are present. The skill operates entirely through structured tool calls to defined MCP services.- [PROMPT_INJECTION]: The instructions do not contain any patterns associated with bypassing safety filters, system prompt extraction, or ignoring previous instructions.- [DATA_EXFILTRATION]: No patterns of sensitive data access (e.g., environment variables, SSH keys) or transmission to unauthorized domains were detected. All network communication is directed to the vendor's API infrastructure.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 06:40 AM
Security Audit — agent-trust-hub — product-knowledge-qa