skills/aliyun/alibabacloud-aiops-skills/alibabacloud-waf-protectionconfig-backup/Gen Agent Trust Hub
alibabacloud-waf-protectionconfig-backup
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: The installation guide includes a pattern to install the Aliyun CLI using
curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash. This executes a remote script directly in the shell. As the domainalicdn.comis a legitimate resource for the vendoraliyun, this is documented as standard installation behavior. - [EXTERNAL_DOWNLOADS]: The skill downloads the CLI setup script from
https://aliyuncli.alicdn.com/setup.shand requires the installation of theopenpyxlPython package for generating Excel reports. - [COMMAND_EXECUTION]: The skill relies on the
aliyunCLI for all cloud interactions and usespython3 -cto perform data processing and file generation tasks locally. - [CREDENTIALS_UNSAFE]: The skill implements strict internal safety rules for the agent, explicitly prohibiting the reading, printing, or inputting of Access Key/Secret Key values. It directs users to manage credentials through secure, out-of-band CLI configuration methods.
Audit Metadata