alibabacloud-icpba-sucessdata-query
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides an installation command that pipes a remote setup script from an official vendor domain (https://aliyuncli.alicdn.com/setup.sh) to bash.
- [COMMAND_EXECUTION]: The skill executes Python scripts and Alibaba Cloud CLI commands to perform read-only API queries for ICP filing data.
- [EXTERNAL_DOWNLOADS]: The workflow requires installing specific official Alibaba Cloud SDK packages (alibabacloud-credentials, alibabacloud-tea-openapi, alibabacloud-tea-util) and fetching configuration utilities from vendor-controlled repositories.
- [PROMPT_INJECTION]: The skill includes safety-focused instructions that explicitly prohibit the agent from reading, echoing, or printing access keys (AK/SK) and require it to follow a strict confirmation process for user-supplied parameters.
- [SAFE]: The dynamic module loading in the validation script is used for verifying the presence of local dependencies from a static whitelist and does not process external input.
Audit Metadata