alibabacloud-flink-knowledge

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill employs a structured Five-Layer Pipeline (Intent Classifier, Evidence Policy, Risk Gates, Response Builder, and Output Formatter) to strictly control agent behavior and ensure transparency.
  • [SAFE]: Network operations are performed via WebFetch and are restricted to official Alibaba Cloud documentation domains (help.aliyun.com). The skill includes explicit instructions to block information if live documentation retrieval fails.
  • [SAFE]: Command execution is performed using the official aliyun CLI tool. All business commands are required to include a session-specific User-Agent for observability and rely on the user's existing RAM (Resource Access Management) permissions.
  • [SAFE]: The skill implements a strict 'File Protocol Gate' (G4) that prevents unsolicited file generation unless specific user trigger phrases are detected in the prompt.
  • [SAFE]: The inclusion of a Python validation script (scripts/validate_skill_rewrite.py) is for development-time static analysis of the instructions and contains no malicious logic, network calls, or dangerous system operations.
  • [SAFE]: The skill uses a 'Character Integrity Rule' for its internal state markers (e.g., TOOL_EVIDENCE) to prevent instruction bypass via homoglyphs or token manipulation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:00 AM
Security Audit — agent-trust-hub — alibabacloud-flink-knowledge