alibabacloud-starops-chat

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill employs the official Alibaba Cloud Credentials SDK to manage authentication, which is the recommended secure approach for cloud service integrations. It correctly leverages the standard credential chain and avoids hardcoding sensitive information.
  • [EXTERNAL_DOWNLOADS]: Dependencies are limited to official and widely-used libraries (alibabacloud-credentials, requests) installed from standard package registries. These are necessary for the skill's stated purpose of interacting with cloud APIs.
  • [SAFE]: All network requests are directed to official Alibaba Cloud API endpoints (e.g., starops.cn-beijing.aliyuncs.com) using secure HTTPS and the standard ACS3-HMAC-SHA256 signing algorithm for data integrity and authenticity.
  • [SAFE]: Technical analysis of the provided Python scripts and instructions reveals no evidence of prompt injection, data exfiltration, obfuscation, or malicious persistence mechanisms.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 07:01 PM
Security Audit — agent-trust-hub — alibabacloud-starops-chat