baidu-wenku-aippt-personal
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads the
bdpanCLI installer and skill updates from official Baidu domains (issuecdn.baidupcs.comandpan.baidu.com). These downloads are documented for transparency and do not present a security risk as they originate from the vendor's infrastructure. - [REMOTE_CODE_EXECUTION]: Executes downloaded installers and updates. The skill ensures integrity by performing mandatory SHA256 checksum verification against hardcoded values (in
install.sh) or values provided by the official configuration API (inupdate.sh) before execution. - [CREDENTIALS_UNSAFE]: Handles authentication via a secure OAuth 2.0 OOB flow. It prevents credential exposure by passing the authorization code through stdin to the CLI tool and includes explicit safety constraints in the
SKILL.mdfile that forbid the AI agent from reading or outputting the contents of the configuration file (~/.config/bdpan/config.json) where tokens are stored. - [INDIRECT_PROMPT_INJECTION]: The skill ingests user queries to determine PPT themes and styles. While this creates an ingestion surface for untrusted data, the risk is low as the data is used for content generation within the scoped
bdpantool and the skill lacks capabilities that would allow for privilege escalation or unauthorized data access based on the query content.
Audit Metadata