alibabacloud-ack-cli

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the Aliyun CLI setup script and binary packages from official Alibaba Cloud infrastructure (aliyuncli.alicdn.com). These are recognized vendor resources for the author 'aliyun'.
  • [REMOTE_CODE_EXECUTION]: Installation instructions include piping a remote script from the vendor's official domain directly to bash. While this is a sensitive pattern, it is a standard installation method for the official Aliyun CLI and originates from a trusted source.
  • [COMMAND_EXECUTION]: The skill uses Bash scripts and CLI commands to interact with cloud APIs and poll for task status. These operations are limited to the intended purpose of Kubernetes cluster management and use standard tools like jq and aliyun CLI.
  • [DATA_EXFILTRATION]: The skill manages Kubernetes configuration (kubeconfig), which contains sensitive access tokens. This handling is necessary for cluster management and no unauthorized data transmission to external sites was detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 03:27 PM
Security Audit — agent-trust-hub — alibabacloud-ack-cli