Skills
skills/aliyun/alibabacloud-aiops-skills/alibabacloud-oss-manage-metaquery/Gen Agent Trust Hub

alibabacloud-oss-manage-metaquery

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill implements robust security practices for Alibaba Cloud service integration.
  • [SAFE]: Credential management is handled securely via the official alibabacloud-credentials provider, which utilizes the system's default credential chain. The instructions strictly prohibit manual handling or printing of AccessKey and SecretKey values.
  • [COMMAND_EXECUTION]: Employs the official Aliyun CLI (aliyun ossutil) for bucket management. It includes a mandatory 'Dangerous Operation Confirmation' protocol that requires explicit user consent before executing destructive actions such as deleting buckets, objects, or closing metadata indexes.
  • [EXTERNAL_DOWNLOADS]: Includes instructions to download the official Aliyun CLI and ossutil binaries from trusted vendor domains (alicdn.com and gosspublic.alicdn.com). These are documented as necessary prerequisites for the skill's functionality.
  • [SAFE]: Python scripts responsible for querying (e.g., semantic_query.py and open_metaquery.py) utilize xml.sax.saxutils.escape to sanitize user-provided inputs before they are interpolated into XML request bodies, preventing potential injection vulnerabilities during API interactions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 08:14 AM