alibabacloud-dms-skill
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download the Alibaba Cloud CLI and update its plugins from official vendor domains such as
aliyuncli.alicdn.com. - [REMOTE_CODE_EXECUTION]: The installation guide includes a pattern to pipe a remote setup script directly to the shell (
curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash). This is a documented installation method from the official vendor. - [COMMAND_EXECUTION]: The skill executes local bash scripts (
search_database.shandexecute_query.sh) that wrap the Alibaba Cloud CLI tool. These scripts include input validation for parameters such as database IDs, region formats, and SQL statement length. - [CREDENTIALS_UNSAFE]: The skill contains explicit security instructions for the agent to never read, print, or echo Access Key or Secret Key values, and directs users to configure credentials through official, non-interactive CLI methods.
- [SAFE]: The execution script implements safety guards that block destructive DDL operations (DROP, TRUNCATE, ALTER, RENAME) and require a mandatory
--forceflag for DML operations (INSERT, UPDATE, DELETE).
Audit Metadata