skills/aliyun/alibabacloud-aiops-skills/alibabacloud-ddos-native-intercept-query/Gen Agent Trust Hub
alibabacloud-ddos-native-intercept-query
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides instructions to install or update the Aliyun CLI using a piped shell script:
curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash. While this is a remote code execution pattern, the source is the official Alibaba Cloud CDN, making it a standard installation method for the vendor's tooling. - [EXTERNAL_DOWNLOADS]: The skill downloads and installs Aliyun CLI plugins (
aliyun-cli-ddosbgp,aliyun-cli-antiddos-public) from official Alibaba Cloud repositories using thealiyun plugin installcommand. - [COMMAND_EXECUTION]: The skill executes various Aliyun CLI commands (
ddosbgp,antiddos-public) to fetch instance information, intercept records, and policy configurations. All commands are limited to read-only actions (Describe*,List*). - [SAFE]: The skill implements strong security practices, including explicit instructions to never read or echo sensitive credentials (AK/SK) and a mandatory refusal pattern for any write operations, ensuring the agent operates within a strictly read-only scope.
Audit Metadata