alibabacloud-sas-alert-handler
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple 'aliyun sas' commands to interact with Alibaba Cloud Security Center APIs for querying and handling alerts. This is the intended functionality of the skill.
- [EXTERNAL_DOWNLOADS]: The 'references/cli-installation-guide.md' document contains instructions for downloading the Aliyun CLI from 'aliyuncli.alicdn.com', which is an official vendor distribution domain.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) due to its processing of untrusted security alert data.
  - Ingestion points: Security alert data is retrieved from the cloud via 'DescribeSuspEvents' as detailed in 'SKILL.md' and 'references/related-apis.md'.
  - Boundary markers: The skill does not define specific delimiters around the alert data, nor does it direct the agent to ignore instructions embedded within that data.
  - Capability inventory: The skill can execute potentially sensitive actions like 'HandleSecurityEvents' (blocking IPs or killing processes) based on the analysis of these alerts.
  - Sanitization: No explicit sanitization or validation of the external alert content is specified before processing.
- [COMMAND_EXECUTION]: Instructions in 'references/cli-installation-guide.md' include the use of 'sudo' for administrative tasks like moving the CLI binary to a system path, which is a standard procedure for tool installation.
Audit Metadata