aliyun-aicontent-generate-test

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes a local validation script tests/common/compile_skill_scripts.py using the system Python interpreter to check for syntax and structure errors in the target skill.
  • [PROMPT_INJECTION]: The skill incorporates an indirect prompt injection surface by instructing the agent to read and parse the SKILL.md file of an external skill to determine which API endpoint to test.
  • Ingestion points: Reads the documentation file skills/ai/content/aliyun-aicontent-generate/SKILL.md at runtime.
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when parsing the external file content.
  • Capability inventory: Execution of local Python scripts and authenticated Alibaba Cloud API requests.
  • Sanitization: The instructions do not specify any validation or filtering of the content read from the target documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 12:47 PM
Security Audit — agent-trust-hub — aliyun-aicontent-generate-test