volcengine-mongodb

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a standard cloud management tool for Volcengine MongoDB.
  • [CREDENTIALS_UNSAFE]: The skill requires "VOLCENGINE_ACCESS_KEY" and "VOLCENGINE_SECRET_KEY" for authentication. It follows security best practices by requesting these via environment variables rather than hardcoding secrets or storing them in plain text files.
  • [EXTERNAL_DOWNLOADS]: The skill uses the official "volcengine-python-sdk" package, which is the legitimate library provided by the vendor (Bytedance) for managing Volcengine resources.
  • [COMMAND_EXECUTION]: The agent is instructed to execute "scripts/call_mongodb.py" using "uv" or "python". The script uses "argparse" to handle CLI arguments, which is a secure way to process user input without risk of shell injection.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 06:20 AM
Security Audit — agent-trust-hub — volcengine-mongodb