alibabacloud-ecs-linux-troubleshooting

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the aliyun CLI to perform administrative tasks such as stopping/starting instances, detaching/attaching disks, and querying security group configurations.
  • [COMMAND_EXECUTION]: It uses the aliyun.ecs.RunCommand API to execute shell scripts on target ECS instances. These scripts perform deep system inspection, including mounting file systems and checking system logs.
  • [EXTERNAL_DOWNLOADS]: The skill downloads diagnostic utilities (perf-tools) from a well-known technology expert's public GitHub repository (github.com/brendangregg/perf-tools) to assist with kernel tracepoint analysis.
  • [DATA_EXFILTRATION]: For troubleshooting purposes, the skill accesses sensitive instance metadata via the Alibaba Cloud metadata service (100.100.100.200) and reads system configuration files (such as /etc/shadow and /etc/fstab) during offline disk analysis to verify OS integrity.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes output from commands executed on potentially compromised target instances (e.g., in guestos-pe-prep.md). However, this is inherent to remote troubleshooting tools, and no malicious patterns were detected in the skill's logic itself.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 07:06 AM
Security Audit — agent-trust-hub — alibabacloud-ecs-linux-troubleshooting