alibabacloud-odps-cost-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructions and installation guide include a command to fetch and execute a setup script (
setup.sh) from the vendor's official content delivery network (aliyuncli.alicdn.com). This is a standard procedure for installing and updating the Aliyun CLI plugin ecosystem. - [COMMAND_EXECUTION]: The skill provides a comprehensive guide for installing the Aliyun CLI on various operating systems, which includes commands to move binaries to system paths (e.g.,
sudo mv aliyun /usr/local/bin/). It also details the use of thealiyuncommand-line interface for performing cloud operations. - [DATA_EXFILTRATION]: While the skill involves fetching billing and usage data from cloud APIs, it incorporates strict security constraints. It explicitly forbids the agent from reading, echoing, or displaying sensitive credentials such as Access Key IDs or Secrets (AK/SK). It also mandates the use of a specific User-Agent for all requests to ensure visibility and accountability.
Audit Metadata