The Agent Skills Directory

[SAFE]: The skill is authored by the official vendor (aliyun) and interacts exclusively with official Alibaba Cloud infrastructure and repositories. No malicious patterns or security risks were detected in the skill's code or configuration.
[EXTERNAL_DOWNLOADS]: The skill fetches resources from trusted sources: Downloads the Aliyun CLI from official distribution points (aliyuncli.alicdn.com) and fetches official Terraform module examples from the alibabacloud-automation organization on GitHub.
[COMMAND_EXECUTION]: The skill utilizes several local helper scripts and the Aliyun CLI to perform its tasks: It runs scripts/verify_env.sh to validate the local execution environment and scripts/terraform_runtime_online.sh to manage the lifecycle of Terraform deployments via Alibaba Cloud's remote IaCService. Various Python scripts use the official Alibaba Cloud Python SDK to query product and API metadata.
[PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes externally sourced Terraform code and user-provided configuration values. However, it mitigates this risk by requiring human confirmation for all parameters and infrastructure changes before execution. Ingestion points: Fetches Terraform main.tf files from external GitHub repositories. Boundary markers: None explicitly defined for external content, but the scope is limited to structured HCL (Terraform) configuration. Capability inventory: Full cloud resource management capabilities via Aliyun CLI and iacservice (Resource Creation, Update, Deletion). Sanitization: Includes a sanitize_response function in all Python scripts to prevent the exposure of credentials, tokens, and passwords in the output.

alibabacloud-solution-deploy