Skills
skills/cinience/alicloud-skills/aliyun-bdrc-backup/Gen Agent Trust Hub

aliyun-bdrc-backup

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/list_openapi_meta_apis.py fetches API documentation from Alibaba Cloud's official metadata service at api.aliyun.com. This is a legitimate operation for discovering available cloud service actions.\n- [COMMAND_EXECUTION]: The skill includes instructions to execute a provided Python script for API discovery and a validation command that uses the standard py_compile module. These operations are restricted to the skill's own scripts and the designated output directory.\n- [SAFE]: Indirect Prompt Injection Surface analysis: \n
  • Ingestion points: API metadata retrieved from api.aliyun.com in scripts/list_openapi_meta_apis.py.\n
  • Boundary markers: Absent in the workflow instructions.\n
  • Capability inventory: Local script execution and cloud API interaction capabilities.\n
  • Sanitization: No explicit sanitization of the fetched JSON metadata prior to use by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 10:21 AM