zvec
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill instructions and reference materials describe standard database and AI integration patterns.
- Data Ingestion: The skill documents how to ingest and query documents via
insert,upsert, andquerymethods. This represents the core functionality of the vector database and does not include instructions for executing or evaluating the ingested content. - Network Operations: The library is designed to fetch machine learning models (e.g., from Sentence Transformers) and communicate with established AI provider APIs (OpenAI, Jina, Dashscope) for embedding and reranking tasks. These are documented as expected behaviors for the tool's primary purpose.
- Dependencies: The skill references official package installation via
pip install zvecandnpm install @zvec/zvec. These align with the project's official presence on GitHub under the Alibaba organization.
Audit Metadata