alibabacloud-smartag-pilot
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the Aliyun CLI setup script from the official vendor infrastructure at "https://aliyuncli.alicdn.com/setup.sh". This is a trusted administrative action for setting up the required CLI environment.
- [COMMAND_EXECUTION]: The skill relies on executing "aliyun smartag" CLI commands to fetch instance attributes, routing tables, and status logs. It also utilizes a provided Python script ("references/status_inspection_template.py") which invokes subprocesses to aggregate these results.
- [PROMPT_INJECTION]: The skill processes external data from cloud APIs, creating a surface for indirect prompt injection.
- Ingestion points: Resource metadata (names, IDs, status) retrieved from SAG API calls via the CLI.
- Boundary markers: Absent. The instructions do not define strict delimiters for the configuration data processed by the agent.
- Capability inventory: The agent can execute shell commands via the "aliyun" CLI and write markdown files to the local workspace.
- Sanitization: API responses are parsed as JSON, but individual text fields are not specifically sanitized against natural language instructions.
Audit Metadata