alibabacloud-cfw-ips-event
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the Aliyun CLI (
aliyun cloudfw) to perform read-only queries against cloud security APIs. Each command is constructed using validated parameters and includes specific user-agent headers for tracking. - [EXTERNAL_DOWNLOADS]: The documentation references official Alibaba Cloud download paths (e.g.,
aliyuncli.alicdn.com) for the CLI tool prerequisites. These resources belong to the verified vendor and are used for legitimate tool installation. - [SAFE]: The skill implements robust security controls, including mandatory input validation for all user-provided data (IP addresses, timestamps, and regions) to prevent command injection, and it provides clear guidance on managing credentials through the CLI's native configuration system rather than through scripts or environment variables.
Audit Metadata