alibabacloud-ecs-windows-online-troubleshooting

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted data from various system sources including event logs, initialization logs, and cloud metadata. This data is interpreted by the agent to diagnose issues, creating a surface for indirect prompt injection.
  • Ingestion points: references/cloud-vminit.md (user-data and vminit logs), references/performance-lifecycle.md (Event Logs), and references/system-crash.md (BugCheck messages).
  • Boundary markers: The skill does not implement specific delimiters or safety warnings for the data ingested from these sources within its PowerShell scripts.
  • Capability inventory: The agent has high system-level capabilities, including administrative PowerShell execution and registry modification.
  • Sanitization: No explicit sanitization or filtering of log content is performed before the data is presented to the agent context.
  • [COMMAND_EXECUTION]: The skill utilizes administrative PowerShell commands to perform system diagnostics and remediation (e.g., modifying registry keys, changing service states, and adjusting firewall rules). This risk is mitigated by a mandatory instruction in SKILL.md that prohibits automatic execution and requires explicit user confirmation for all repair scripts.
  • [EXTERNAL_DOWNLOADS]: Fetches configuration data and tests connectivity using Alibaba Cloud's official internal service endpoints.
  • Evidence: The skill communicates with 100.100.100.200 (Metadata service), ntp.cloud.aliyuncs.com (Time service), kms.cloud.aliyuncs.com (Activation service), and update.cloud.aliyuncs.com (Update service).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 07:08 AM
Security Audit — agent-trust-hub — alibabacloud-ecs-windows-online-troubleshooting