Skills
skills/cinience/alicloud-skills/alicloud-ai-recommend-airec-test/Gen Agent Trust Hub

alicloud-ai-recommend-airec-test

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python script (tests/common/compile_skill_scripts.py) to verify skill compilation.
  • [PROMPT_INJECTION]: The skill processes the content of an external SKILL.md file to identify API endpoints to test, which presents an indirect prompt injection surface.
  • Ingestion points: SKILL.md from the target recommendation skill path.
  • Boundary markers: Absent.
  • Capability inventory: Local command execution and cloud API calls.
  • Sanitization: No sanitization or validation of the ingested markdown content is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 02:31 PM