alibabacloud-network-health-inspection

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the subprocess.run function with shell=True in scripts/inspect_common.py to execute Alibaba Cloud CLI commands. While the inputs are sanitized using shlex.quote, executing shell commands dynamically is a sensitive operation that relies on the integrity of the sanitization process.
  • [EXTERNAL_DOWNLOADS]: The skill's workflow includes the automatic installation of the matplotlib library via pip3 if it is not detected on the system. matplotlib is a widely recognized and trusted library for data visualization, and its installation is necessary for the skill's chart generation feature.
  • [DATA_EXFILTRATION]: The skill includes instructions to upload generated charts to DingTalk Docs using curl if requested by the user. While this involves sending data to an external platform, it uses an authorized DingTalk MCP service and targets a well-known enterprise collaboration service, which is consistent with the skill's stated purpose of report sharing.
  • [PROMPT_INJECTION]: The skill processes external data (such as cloud resource names and monitoring metrics) and incorporates it into a Markdown report. This presents a potential surface for indirect prompt injection if a malicious actor could control cloud resource metadata, though the risk is low as the tool only performs read-only queries.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 02:30 AM
Security Audit — agent-trust-hub — alibabacloud-network-health-inspection