Bailian KnowledgeBase Retrieve
PassAudited by ClawScan on May 1, 2026.
Overview
The artifacts show a straightforward Bailian knowledge-base retrieval tool that uses the expected DashScope API key and returns hosted proprietary KB results, with no hidden or destructive behavior found.
This appears reasonable to install if you intend the agent to search a specific Bailian/DashScope knowledge base. Before installing, make sure the API key and KNOWLEDGEBASE_ID are scoped to data the agent is allowed to see, and treat retrieved KB text as sensitive context rather than automatically trusted instructions.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Configuring this skill lets the agent query the selected Bailian knowledge base using the provided DashScope credential.
The script reads DASHSCOPE_API_KEY and KNOWLEDGEBASE_ID from the environment and uses the API key as a bearer token to call the Bailian/DashScope retrieval endpoint. This is expected for the integration, but it is still delegated account/API access.
url = f"https://dashscope.aliyuncs.com/api/v1/indices/pipeline/{knowledgebase_id}/retrieve" ... "Authorization": f"Bearer {api_key}"Use a minimally privileged API key or account where possible, set KNOWLEDGEBASE_ID only to the intended knowledge base, and rotate or revoke the key if the skill is no longer needed.
Private or internal knowledge-base passages may be surfaced to the agent and influence its answers.
The skill is explicitly designed to retrieve proprietary hosted knowledge-base content for an LLM/agent. This is purpose-aligned, but retrieved documents may contain sensitive content or instructions that should be treated as context rather than trusted commands.
offers to retrieve any proprietary data that have been vectorized in the hosted knowledgebases
Connect only knowledge bases appropriate for agent use, avoid indexing secrets or unsafe instruction-like content, and review retrieved context before relying on it for sensitive decisions.