Skills
skills/cinience/alicloud-skills/aliyun-qwen-asr/Gen Agent Trust Hub

aliyun-qwen-asr

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses sensitive local files such as .env and ~/.alibabacloud/credentials to obtain API keys for authentication. These credentials are submitted to official Alibaba Cloud (Aliyun) DashScope endpoints to perform transcription tasks, which is consistent with the skill's intended functionality as a service provider.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted audio data from external sources.
  • Ingestion points: Audio input provided via URL or file path to the Python helper script (scripts/transcribe_audio.py) and subsequent transcription JSON fetched from external links.
  • Boundary markers: The skill does not implement specific delimiters or warnings to isolate transcribed text from instructions for the agent.
  • Capability inventory: The script performs network operations to Alibaba Cloud APIs and third-party transcription URLs, and writes results to the local output/ directory.
  • Sanitization: Transcribed content and external metadata are processed and returned to the agent without filtering or escaping of potential embedded commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 02:27 AM