alibabacloud-waf-security-monitor
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and execute the Aliyun CLI installation script from
https://aliyuncli.alicdn.com/setup.sh. This is an official vendor resource provided by the skill author (aliyun) and is used for necessary environment setup. - [COMMAND_EXECUTION]: The skill executes various
aliyunCLI commands to interact with the Alibaba Cloud WAF 3.0 API. These operations are restricted to read-only actions (Describe/List) as defined in the accompanying RAM policies. - [CREDENTIALS_SAFE]: The skill implements strong security rules for credential management. It explicitly forbids the agent from printing, echoing, or requesting AccessKey ID/Secret values. It instructs users to configure credentials outside the agent session, which is a security best practice.
- [DATA_EXPOSURE]: Telemetry and observability headers (User-Agent, TraceParent) are initialized using standard UUID generation. The skill strictly limits data collection to WAF configuration, traffic statistics, and certificate metadata.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from the WAF API (domains, certificate lists, traffic metrics) to generate reports.
- Ingestion points: Data is captured from
aliyun waf-openapicalls and stored in/tmp/waf_skill_output.log. - Boundary markers: The skill uses a structured markdown report template to delimit data.
- Capability inventory: Capabilities are limited to read-only CLI calls and local Python parsing scripts.
- Sanitization: The skill uses dedicated Python scripts (
verify_output.py,extract_bot_template.py) for JSON parsing rather than shell-based string manipulation, reducing the risk of processing malformed or malicious API responses.
Audit Metadata