alibabacloud-ddoscoo-intercept-query

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration attempts were detected.
  • [COMMAND_EXECUTION]: The skill uses the Aliyun CLI to perform read-only operations on cloud resources. A Python helper script (scripts/get_ddos_logs.py) handles complex SLS log queries, and it does so safely: it calls subprocess.run with command lists (avoiding shell interpolation) and applies strict regular expression validation to all input parameters (Project, Logstore, Request ID) to prevent command injection vulnerabilities.
  • [CREDENTIALS_SAFE]: The skill explicitly instructs the agent to never read, print, or request literal Access Key (AK/SK) values. It relies on the pre-configured Aliyun CLI credential chain and correctly uses aliyun configure list to verify authentication status without exposing secrets.
  • [DATA_EXPOSURE]: A global masking rule is enforced throughout the skill's instructions and within the Python script to protect sensitive data. Client IPs are truncated to the first octet, while Cookies, Authorization headers, and URL query parameters are masked (e.g., *** or [MASKED]) before being displayed in any report or analysis.
  • [EXTERNAL_DOWNLOADS]: Reference documentation for CLI installation points exclusively to official Alibaba Cloud domains (aliyuncli.alicdn.com), which are trusted vendor resources.
  • [INDIRECT_PROMPT_INJECTION]: While the skill processes untrusted log data, it does so within a defined diagnostic workflow where data is parsed and masked by a local script before being presented as a static report, minimizing the surface for prompt injection attacks.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 02:02 AM