alibabacloud-iqs-search

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted web data, which presents a surface for indirect prompt injection.
    • Ingestion points: External content from search results and web pages is retrieved via the cloud-iqs.aliyuncs.com API in scripts/search.mjs and scripts/readpage.mjs.
    • Boundary markers: The skill does not use delimiters or provide instructions to the agent to treat retrieved data as untrusted, increasing the risk that the agent may follow instructions embedded in the search results.
    • Capability inventory: The skill is capable of executing local scripts, reading specific configuration files, and making outbound network requests to Aliyun services.
    • Sanitization: No sanitization or instruction filtering is performed on the data fetched from the web.
  • [COMMAND_EXECUTION]: The skill executes local Node.js scripts to facilitate its search and scraping functionality.
  • [DATA_EXFILTRATION]: The skill reads credentials from a configuration file at ~/.alibabacloud/iqs/env and transmits them to cloud-iqs.aliyuncs.com. This is consistent with the vendor's documented authentication model for its cloud services.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 02:31 AM