alibabacloud-migration-mas-product-mapping

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from user-supplied Excel survey reports and bills (via excel_mapping.py, azure_mapping.py, and huawei_mapping.py) to extract instance specifications. This creates an indirect prompt injection surface.
  • Ingestion points: Data enters the context through Excel file parsing in excel_mapping.py, azure_mapping.py, and huawei_mapping.py.
  • Boundary markers: Absent; the skill does not use specific delimiters or instructions to prevent the agent from obeying instructions potentially embedded within cell content.
  • Capability inventory: The skill possesses the capability to execute subprocesses (launching mapping scripts and the pricing service) and perform network requests to Alibaba Cloud Pricing APIs.
  • Sanitization: While the skill uses regular expressions to parse resource specifications, it lacks formal sanitization or schema validation to filter out natural language instructions embedded in input data.
  • [COMMAND_EXECUTION]: The skill requires the execution of multiple Python scripts and the operation of a local Flask background server (pricing_service.py) to provide real-time pricing and mapping reports. It manages local environment variables and relies on the standard Alibaba Cloud credential file (~/.alibabacloud/credentials) via the official SDK, which is consistent with its stated purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 08:40 AM
Security Audit — agent-trust-hub — alibabacloud-migration-mas-product-mapping