alibabacloud-cms-manage

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of monitoring agents and configuration templates from official Alibaba Cloud OSS domains (aliyuncs.com) and verified package registries (NPM, PyPI). These resources are essential for service instrumentation within the vendor's ecosystem.
  • [REMOTE_CODE_EXECUTION]: The documentation describes the use of installer scripts (via curl | bash) for specific AI framework plugins such as OpenClaw and CoPaw. This is presented as a standard installation method for the vendor's specialized observability tools.
  • [COMMAND_EXECUTION]: The skill orchestrates system and cloud commands, including package manager operations (pip, npm) and Kubernetes cluster modifications (kubectl). Safety is ensured through a 'Two-Phase Execution Protocol' that requires the agent to present a plan and obtain explicit user approval before executing any write operations or cluster-side changes.
  • [SAFE]: No malicious obfuscation, hidden URLs, or unauthorized data exfiltration patterns were detected. The skill follows security best practices by mandating human confirmation for high-impact tasks and providing clear guidance on the secure handling of sensitive authentication tokens.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 02:59 AM
Security Audit — agent-trust-hub — alibabacloud-cms-manage