byted-emr-skills
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates legitimate management of Volcano Engine EMR services, which is consistent with its stated purpose and the author's identity.
- [SAFE]: Network communication is exclusively directed to official Volcano Engine API endpoints (e.g., *.volcengineapi.com) for resource management and monitoring.
- [SAFE]: Sensitive user credentials (AK/SK) are handled using standard environment variables, and the provided scripts are designed to avoid printing these secrets in plain text.
- [SAFE]: File system operations are safely confined to a designated 'tmp' directory, and the skill includes a dedicated utility to clean up aged temporary data.
- [SAFE]: The core SDK for EMR serverless operations is distributed as a local Python wheel, which is a standard and safe method for providing vendor-specific libraries.
- [SAFE]: Static analysis identified the use of dynamic module loading via import, but this is used for internal class loading within the vendor-provided library and poses no security threat.
Audit Metadata