alibabacloud-ddos-security-monitor

Pass

Audited by Gen Agent Trust Hub on May 25, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The documentation includes instructions to install the Alibaba Cloud CLI using a piped shell script (curl | bash) from the vendor's official domain (aliyuncli.alicdn.com). This procedure is provided for environment setup and targets the vendor's verified infrastructure.
  • [EXTERNAL_DOWNLOADS]: The skill fetches tool updates and plugins from official Alibaba Cloud domains and GitHub release pages to ensure the CLI remains updated and functional.
  • [COMMAND_EXECUTION]: The skill performs automated execution of numerous aliyun CLI commands to aggregate security metrics across multiple cloud regions. These operations are limited to data retrieval and do not include modifications to cloud resources.
  • [CREDENTIALS_UNSAFE]: The skill includes explicit security warnings and procedures designed to prevent the accidental exposure of AccessKey and SecretKey values, directing users to configure credentials outside of the agent's conversational context.
  • [PROMPT_INJECTION]: Instructions within the skill employ strict validation markers and mandatory checkpoints to ensure the agent maintains a specific security posture, such as enabling and disabling the CLI's AI-Mode lifecycle.
Audit Metadata
Risk Level
SAFE
Analyzed
May 25, 2026, 08:07 AM
Security Audit — agent-trust-hub — alibabacloud-ddos-security-monitor