ClawAudit verdict
alibabacloud-bailian-videoanalysis
Video analysis skill using official Alibaba Cloud Bailian (QuanMiaoLightApp) API; uses standard Aliyun CLI credential chain, behavior matches its stated video comprehension purpose, no suspicious data flows.
โ Flagged for review โ coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.
Automated static analysis โ not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
Permission integrity
package_install
Findings (1)
References sudo โ requests elevated privileges
references/cli-installation-guide.md ยท code ยท sudo
Permissions & capabilities
No declared permissions โ minimal attack surface.
package_install Is this flag fair?
Thanks โ recorded.