alibabacloud-pai-dlc-job
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download the Alibaba Cloud CLI from official vendor domains. These are trusted sources for the author 'aliyun'.
- Evidence:
references/cli-installation-guide.mdcontains download links such ashttps://aliyuncli.alicdn.com/aliyun-cli-linux-latest-amd64.tgzandhttps://aliyuncli.alicdn.com/aliyun-cli-windows-latest-amd64.zipfor binary installation. - [COMMAND_EXECUTION]: The skill makes extensive use of the
aliyunCLI to manage cloud resources, including job creation, deletion, and system configuration. - Evidence:
SKILL.mdandreferences/verification-method.mdinclude numerous command examples likealiyun pai-dlc create-jobandaliyun configure set --auto-plugin-install true. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it reads and processes external data such as pod logs and job events, which could contain malicious instructions.
- Ingestion points: Data enters the context via
aliyun pai-dlc get-pod-logsandaliyun pai-dlc get-job-events. - Boundary markers: None identified; output is directly presented to the agent context.
- Capability inventory: The skill has high-privilege capabilities including resource creation and lifecycle management (
stop-job,update-job) via the Aliyun CLI. - Sanitization: No explicit sanitization or filtering of log/event content is performed before the agent processes the output.
Audit Metadata