Skills
skills/aliyun/alibabacloud-aiops-skills/alibabacloud-emr-spark-manage/Gen Agent Trust Hub

alibabacloud-emr-spark-manage

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
  • Ingestion points: The skill accesses external data by reading Spark job logs, standard output/error files, and SQL execution results from Alibaba Cloud OSS storage using the ListLogContents and ListSqlStatementContents APIs (referenced in references/job-management.md and references/api-reference.md).
  • Boundary markers: The instructions lack explicit delimiters or warnings to treat content from these files as untrusted, which could lead the agent to follow malicious instructions embedded within logs.
  • Capability inventory: The skill possesses significant capabilities through the aliyun CLI, including creating workspaces, submitting jobs, managing Kyuubi services, and modifying RAM permissions (documented in references/ram-policies.md and references/workspace-lifecycle.md).
  • Sanitization: No sanitization or verification of the fetched log/result content is implemented before it is presented to the agent for analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 01:02 AM