alibabacloud-wxz-website-builder
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses official Alibaba Cloud OpenAPI endpoints (
websitebuild.aliyuncs.com) and standard SDKs (alibabacloud-tea-openapi,alibabacloud-credentials) for all operations. - [SAFE]: The Python script
scripts/aistaff_api.pyincludes robust input validation, including checks for ID patterns and avalidate_output_pathfunction that prevents path traversal by restricting file writes to a specific directory. - [SAFE]: Authentication is handled via the Alibaba Cloud default credential chain, which supports secure environment variables and configuration files, discouraging the use of hardcoded secrets.
- [SAFE]: The documentation explicitly promotes security best practices, such as creating RAM sub-users with least-privilege permissions and warning against using root account AccessKeys or committing secrets to version control.
Audit Metadata