byted-viking-cli
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the agent to help the user install the official Viking CLI by downloading a script from the vendor's domain (volces.com) and piping it to a shell, including commands for system-wide installation with elevated privileges.
- [COMMAND_EXECUTION]: It generates and executes specific CLI commands for the
viking-clibinary to perform data retrieval, storage, and administrative tasks on vector databases and knowledge bases. - [EXTERNAL_DOWNLOADS]: Orchestrates the retrieval of installation assets and management of cloud-stored datasets via ByteDance's official Volcengine endpoints.
- [CREDENTIALS_UNSAFE]: Guides users through an authentication process that collects and stores cloud service AccessKeys and SecretKeys in a local configuration file at
~/.viking/config.
Audit Metadata