doubao-tts
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill correctly identifies that sensitive credentials like
DOUBAO_SPEECH_API_KEYshould be stored in environment variables (.env) and explicitly warns against logging or committing secrets. - [EXTERNAL_DOWNLOADS]: The skill references official Volcengine/ByteDance API endpoints (
openspeech.bytedance.com) for its intended purpose of text-to-speech generation. - [PROMPT_INJECTION]: No instructional overrides or bypass attempts were detected in the skill instructions.
- [COMMAND_EXECUTION]: No dangerous shell commands or unauthorized system access patterns were identified.
Audit Metadata