qwen-vision
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script located at
${CLAUDE_PLUGIN_ROOT}/skills/qwen-vision/scripts/qwen_bridge.pyusingpython3to facilitate multimodal analysis. - [EXTERNAL_DOWNLOADS]: Requires the installation of the
dashscopePython package from standard package registries to interact with the Qwen API. - [DATA_EXFILTRATION]: Transmits user-provided video and image files to the Alibaba Cloud DashScope API for processing. This transmission is the primary intended function of the skill and is clearly documented.
- [SAFE]: Manages API authentication using the
DASHSCOPE_API_KEYenvironment variable, which is a standard security practice for avoiding hardcoded credentials.
Audit Metadata