alibabacloud-docmind-parse
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of official Alibaba Cloud libraries including
alibabacloud-docmind-api20220711,alibabacloud-credentials, andalibabacloud-tea-openapi. These are trusted dependencies provided by the vendor for interacting with their document parsing service. - [DATA_EXFILTRATION]: The script
scripts/docmind_parse.pytransmits document content to official Alibaba Cloud endpoints (docmind.aliyuncs.comordocmind-api.cn-hangzhou.aliyuncs.com). This is the intended behavior of the tool for cloud-based document parsing and matches its stated purpose. - [CREDENTIALS_UNSAFE]: The skill interacts with the Alibaba Cloud default credential chain, which includes reading environment variables (e.g.,
ALIBABA_CLOUD_ACCESS_KEY_ID) and accessing local configuration files such as~/.alibabacloud/credentials. This is a standard and expected mechanism for authenticating with Alibaba Cloud services. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it parses untrusted external data (PDFs, images, and Office documents).
- Ingestion points: The
parse_documentfunction inscripts/docmind_parse.pyreads content from local files or fetches it from user-provided URLs. - Boundary markers: None present; the script returns the raw structured output (Markdown or JSON) of the document parsing service.
- Capability inventory: The script possesses file system read access and network communication capabilities (via
requestsand Alibaba Cloud SDKs). - Sanitization: No sanitization or filtering of the parsed document content is performed; instructions embedded within processed documents could potentially influence downstream agent logic.
Audit Metadata