alibabacloud-kvstore-health-inspection

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install the Aliyun CLI using a script from "https://aliyuncli.alicdn.com/setup.sh". This installer is hosted on the official vendor's content delivery network.
  • [COMMAND_EXECUTION]: The main inspection logic in "health-inspect.py" executes aliyun CLI commands via the subprocess module. These executions are confined to a list of allowed read-only actions for collecting monitoring data and instance attributes.
  • [SAFE]: The skill includes a pre-tool-use hook, "scripts/check-write-operation.sh", which programmatically inspects commands before they are run. This hook blocks dangerous write operations (e.g., instance deletion or data flushing), ensuring the skill remains restricted to its intended read-only inspection purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 06:09 AM
Security Audit — agent-trust-hub — alibabacloud-kvstore-health-inspection