skills/aliyun/alibabacloud-aiops-skills/alibabacloud-migration-mas-product-mapping/Gen Agent Trust Hub
alibabacloud-migration-mas-product-mapping
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from user-supplied Excel survey reports and bills (via
excel_mapping.py,azure_mapping.py, andhuawei_mapping.py) to extract instance specifications. This creates an indirect prompt injection surface. - Ingestion points: Data enters the context through Excel file parsing in
excel_mapping.py,azure_mapping.py, andhuawei_mapping.py. - Boundary markers: Absent; the skill does not use specific delimiters or instructions to prevent the agent from obeying instructions potentially embedded within cell content.
- Capability inventory: The skill possesses the capability to execute subprocesses (launching mapping scripts and the pricing service) and perform network requests to Alibaba Cloud Pricing APIs.
- Sanitization: While the skill uses regular expressions to parse resource specifications, it lacks formal sanitization or schema validation to filter out natural language instructions embedded in input data.
- [COMMAND_EXECUTION]: The skill requires the execution of multiple Python scripts and the operation of a local Flask background server (
pricing_service.py) to provide real-time pricing and mapping reports. It manages local environment variables and relies on the standard Alibaba Cloud credential file (~/.alibabacloud/credentials) via the official SDK, which is consistent with its stated purpose.
Audit Metadata