alibabacloud-dsc-audit
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill includes defensive instructions that specifically prohibit the agent from echoing, printing, or requesting sensitive Alibaba Cloud Access Keys (AK/SK), which helps protect against credential harvesting through prompt manipulation.
- [COMMAND_EXECUTION]: The skill utilizes Python scripts to perform administrative tasks. The handle_risk.py script includes comprehensive input validation using regular expressions and length checks to prevent command injection and ensure that user-supplied handling details are sanitized before being sent to the API.
- [EXTERNAL_DOWNLOADS]: The skill requires official Alibaba Cloud Python SDK packages (e.g., alibabacloud_tea_openapi) from the standard PyPI registry. These are legitimate dependencies provided by the vendor.
- [SAFE]: All network operations are directed exclusively to official Alibaba Cloud endpoints (sddp.cn-zhangjiakou.aliyuncs.com), and credential management relies on the official CredentialClient rather than hardcoded secrets.
Audit Metadata