skills/volcengine/ark-cli/arkcli-chat/Gen Agent Trust Hub

arkcli-chat

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the arkcli binary and standard system utilities like jq, tr, and cat to manage model interactions and parse results. These operations are consistent with the skill's function as a CLI wrapper for cloud services and align with the vendor's documented workflow.
  • [DATA_EXFILTRATION]: The skill allows the agent to upload local files (images, audio, video) to the Volcengine ARK file service via the @file input mechanism. This is the core intended behavior for multimodal processing and is explicitly documented as a data transfer to the vendor's platform.
  • [EXTERNAL_DOWNLOADS]: The skill supports passing remote HTTP/HTTPS URLs as inputs to the model service, enabling the processing of web-hosted content as part of the chat and reasoning workflow. These references are treated as input data for the vendor's model API.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 02:03 AM
Security Audit — agent-trust-hub — arkcli-chat