alibabacloud-ecs-sec-inspect
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
subprocess.runto execute numerous system auditing commands such aslsmod,modinfo, anddmesg, which require root privileges viasudo. This is a core requirement for system-level forensics. - [CREDENTIALS_UNSAFE]: Forensic modules like
auth_analyzer.pyandmemory_forensics_analyzer.pyscan for and analyze sensitive files including/etc/shadow, SSH private keys, and API tokens to identify credential exposure. This data is audited locally to generate risk reports. - [EXTERNAL_DOWNLOADS]: The skill provides instructions to download a pre-built Python 3.11 binary from a well-known repository (
indygreg/python-build-standalone) on GitHub to ensure environment compatibility for the scan engine. - [PROMPT_INJECTION]: The toolkit includes specialized modules to detect prompt injection and behavioral override attempts in the AI agents it monitors, providing a layer of defense rather than presenting a risk to the host agent.
- [DATA_EXFILTRATION]: Configuration files allow for the optional reporting of scan results to a centralized security server via the
SEC_SERVER_ENDPOINTparameter, which is standard behavior for automated security monitoring solutions.
Audit Metadata