alibabacloud-waf-security-monitor

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and execute the Aliyun CLI installation script from https://aliyuncli.alicdn.com/setup.sh. This is an official vendor resource provided by the skill author (aliyun) and is used for necessary environment setup.
  • [COMMAND_EXECUTION]: The skill executes various aliyun CLI commands to interact with the Alibaba Cloud WAF 3.0 API. These operations are restricted to read-only actions (Describe/List) as defined in the accompanying RAM policies.
  • [CREDENTIALS_SAFE]: The skill implements strong security rules for credential management. It explicitly forbids the agent from printing, echoing, or requesting AccessKey ID/Secret values. It instructs users to configure credentials outside the agent session, which is a security best practice.
  • [DATA_EXPOSURE]: Telemetry and observability headers (User-Agent, TraceParent) are initialized using standard UUID generation. The skill strictly limits data collection to WAF configuration, traffic statistics, and certificate metadata.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from the WAF API (domains, certificate lists, traffic metrics) to generate reports.
  • Ingestion points: Data is captured from aliyun waf-openapi calls and stored in /tmp/waf_skill_output.log.
  • Boundary markers: The skill uses a structured markdown report template to delimit data.
  • Capability inventory: Capabilities are limited to read-only CLI calls and local Python parsing scripts.
  • Sanitization: The skill uses dedicated Python scripts (verify_output.py, extract_bot_template.py) for JSON parsing rather than shell-based string manipulation, reducing the risk of processing malformed or malicious API responses.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 06:12 AM
Security Audit — agent-trust-hub — alibabacloud-waf-security-monitor