alibabacloud-ecs-sec-inspect

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run to execute numerous system auditing commands such as lsmod, modinfo, and dmesg, which require root privileges via sudo. This is a core requirement for system-level forensics.
  • [CREDENTIALS_UNSAFE]: Forensic modules like auth_analyzer.py and memory_forensics_analyzer.py scan for and analyze sensitive files including /etc/shadow, SSH private keys, and API tokens to identify credential exposure. This data is audited locally to generate risk reports.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download a pre-built Python 3.11 binary from a well-known repository (indygreg/python-build-standalone) on GitHub to ensure environment compatibility for the scan engine.
  • [PROMPT_INJECTION]: The toolkit includes specialized modules to detect prompt injection and behavioral override attempts in the AI agents it monitors, providing a layer of defense rather than presenting a risk to the host agent.
  • [DATA_EXFILTRATION]: Configuration files allow for the optional reporting of scan results to a centralized security server via the SEC_SERVER_ENDPOINT parameter, which is standard behavior for automated security monitoring solutions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 07:08 AM
Security Audit — agent-trust-hub — alibabacloud-ecs-sec-inspect