alibabacloud-oss-media-process
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the official Aliyun CLI installation script from a vendor-owned content delivery network (aliyuncli.alicdn.com). This is a standard and expected deployment method for the official toolset.
- [REMOTE_CODE_EXECUTION]: The installation instructions for the Aliyun CLI involve piping a remote script to a shell. This operation is limited to the setup phase and targets the trusted infrastructure of the vendor.
- [COMMAND_EXECUTION]: The processing script uses subprocess calls to execute ffprobe for validating media properties of processed files. This local execution is part of the core functionality to ensure output quality.
- [SAFE]: The skill demonstrates a strong security posture by implementing explicit rules to prevent credential leakage. It mandates the use of secure SDK-based credential discovery and provides built-in mechanisms to redact sensitive parameters from presigned URLs before they are displayed or logged.
Audit Metadata