alibabacloud-devops
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and executes the
alibabacloud-devops-mcp-serverpackage from the public npm registry usingnpx. This package is a vendor-aligned resource intended to facilitate communication with Alibaba Cloud services. - [COMMAND_EXECUTION]: The instructions and configuration utilize shell execution via
npxandmcporterto initialize the MCP server and invoke various DevOps tools. - [DATA_EXFILTRATION]: The skill processes project data and code content from the Yunxiao platform. While it requires a
YUNXIAO_ACCESS_TOKEN, the environment variable configuration follows standard security practices for credential management, and no hardcoded secrets were detected. - [INDIRECT_PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests untrusted data from external sources such as source code files (
get_file_blobs), merge request comments (list_change_request_comments), and work item details. - Ingestion points:
get_file_blobs,list_change_request_comments,get_work_item,get_pipeline_job_run_log(SKILL.md). - Boundary markers: No explicit instruction-ignoring delimiters are defined in the tool descriptions.
- Capability inventory: The skill has extensive write and execution capabilities, including file creation/modification (
create_file,update_file) and pipeline triggering (create_pipeline_run,execute_pipeline_job_run). - Sanitization: No specific sanitization or validation of the ingested content is mentioned before it is returned to the agent context.
Audit Metadata