alibabacloud-alinux-sysom-inspection
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides the
osops.shscript which executes a Python-based CLI (sysom_cli) to interact with Alibaba Cloud services. These commands are limited to legitimate infrastructure management tasks such as triggering system inspections and requesting diagnostic reports. - [EXTERNAL_DOWNLOADS]: The
init.shsetup script installs required Python dependencies from the official PyPI registry, specificallyrequestsand Alibaba Cloud's own SDK libraries (alibabacloud-tea-openapi,alibabacloud-tea-util). - [DATA_EXFILTRATION]: The code in
scripts/sysom_cli/lib/auth.pycontains logic to resolve Alibaba Cloud credentials. It checks environment variables, the standard local configuration file (~/.aliyun/config.json), and the ECS metadata service (100.100.100.200). This behavior is standard and necessary for authenticating with cloud APIs and does not constitute unauthorized data exposure. - [REMOTE_CODE_EXECUTION]: While the skill can initiate the installation of the SysOM agent on a target ECS instance via the
InstallAgentWithTypeAPI call, this is the primary stated purpose of the skill and includes a safeguard that requires interactive user confirmation when run in a TTY environment.
Audit Metadata