alibabacloud-iqs-weather-query

Warn

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: MEDIUM (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a "Continuous Evolution" mechanism via the evolveHint field in scripts/weather.mjs and instructions in SKILL.md, which explicitly prompt the agent to write new JavaScript parser functions and register them in the script's PARSER_REGISTRY.
  • [COMMAND_EXECUTION]: This design encourages the generation and integration of executable code based on untrusted data retrieved from external weather websites using the ReadPageBasic API. This creates a risk where malicious web content could influence the agent to insert unintended or harmful code into the scripts/weather.mjs file.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
      • Ingestion points: External content enters the agent context through the rawText field in scripts/weather.mjs, which contains scraped text from weather websites.
      • Boundary markers: The script uses a basic natural language hint to guide the agent but lacks robust structural delimiters to isolate untrusted web content from the agent's instructions.
      • Capability inventory: The agent is explicitly directed to modify its own source code (scripts/weather.mjs) based on the ingested data.
      • Sanitization: There is no mechanism in the script to validate or sanitize the code generated by the agent before it is written to the file system.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 11, 2026, 06:18 AM