byted-bytehouse-multimodal-search
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires standard Python packages (
clickhouse-connect,volcengine-python-sdk,numpy) for its core functionality. - [DATA_EXFILTRATION]: Network operations are directed to official Volcengine domains (e.g., ark.cn-beijing.volces.com) and the user-configured ByteHouse instance for legitimate vector storage and retrieval operations.
- [CREDENTIALS_UNSAFE]: The skill correctly uses environment variables (e.g., ARK_API_KEY, BYTEHOUSE_PASSWORD) to manage sensitive information, avoiding hardcoded secrets and following standard security practices.
- [COMMAND_EXECUTION]: The skill executes SQL commands on a ByteHouse database. It includes basic escaping for user-supplied strings to mitigate simple SQL injection risks and functions within its stated purpose of database management.
Audit Metadata