alibabacloud-waf-cname-config-export

Pass

Audited by Gen Agent Trust Hub on Jun 2, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download the official Alibaba Cloud CLI installer and binaries from aliyuncli.alicdn.com. This is a standard deployment procedure for the vendor's management tools.
  • [COMMAND_EXECUTION]: The Python script uses the subprocess module to invoke the aliyun CLI. This execution is limited to pre-defined API calls for querying WAF instance metadata and configurations, representing legitimate tool usage.
  • [REMOTE_CODE_EXECUTION]: An error message in the Python script suggests using a shell-piped installer command (curl | bash) for the Aliyun CLI if the tool is missing. This is the vendor-provided installation method for their CLI environment.
  • [CREDENTIALS_UNSAFE]: The skill demonstrates strong security awareness by instructing users to manage Access Keys (AK/SK) outside of the active session and strictly forbidding the agent from reading or echoing literal credential values.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 2, 2026, 09:34 AM
Security Audit — agent-trust-hub — alibabacloud-waf-cname-config-export