alibabacloud-network-health-inspection
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
subprocess.runfunction withshell=Trueinscripts/inspect_common.pyto execute Alibaba Cloud CLI commands. While the inputs are sanitized usingshlex.quote, executing shell commands dynamically is a sensitive operation that relies on the integrity of the sanitization process. - [EXTERNAL_DOWNLOADS]: The skill's workflow includes the automatic installation of the
matplotliblibrary viapip3if it is not detected on the system.matplotlibis a widely recognized and trusted library for data visualization, and its installation is necessary for the skill's chart generation feature. - [DATA_EXFILTRATION]: The skill includes instructions to upload generated charts to DingTalk Docs using
curlif requested by the user. While this involves sending data to an external platform, it uses an authorized DingTalk MCP service and targets a well-known enterprise collaboration service, which is consistent with the skill's stated purpose of report sharing. - [PROMPT_INJECTION]: The skill processes external data (such as cloud resource names and monitoring metrics) and incorporates it into a Markdown report. This presents a potential surface for indirect prompt injection if a malicious actor could control cloud resource metadata, though the risk is low as the tool only performs read-only queries.
Audit Metadata