alibabacloud-flink-instance-manage
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill uses official and versioned Alibaba Cloud Python SDK packages for resource management, ensuring communication with legitimate cloud endpoints.
- [SAFE]: Credential security is maintained by instructing users to use the standard Aliyun credential chain (RAM roles or CLI profiles) and explicitly forbidding the hardcoding of AccessKeys.
- [COMMAND_EXECUTION]: Operational integrity is enforced by routing all cloud mutations through a controlled Python wrapper script (scripts/instance_ops.py), which includes input validation and idempotency checks.
- [EXTERNAL_DOWNLOADS]: Documentation correctly directs users to official vendor-hosted binaries (aliyuncli.alicdn.com) for toolchain installation, posing no risk of third-party package compromise.
- [SAFE]: A multi-tiered confirmation model protects against accidental or unintended resource modifications, requiring specific flags for different classes of operations.
Audit Metadata