byted-bytehouse-hybrid-search
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses environment variables (e.g., ARK_API_KEY, BYTEHOUSE_PASSWORD) to manage sensitive credentials, following security best practices to avoid hardcoded secrets.
- [SAFE]: Database operations are conducted using the official clickhouse-connect library with parameterized queries for search values, which mitigates standard SQL injection risks.
- [SAFE]: External network communication is directed to official ByteDance and Volcengine services (such as the Ark API endpoint), which are consistent with the skill author's identity and stated functionality.
- [SAFE]: Dependencies such as volcengine-python-sdk and clickhouse-connect are well-known, legitimate libraries required for the skill's database and embedding operations.
Audit Metadata