aliyun-dashvector-search-test

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script (tests/common/compile_skill_scripts.py) to perform code validation during the smoke test.
  • [CREDENTIALS_UNSAFE]: The skill requires access to sensitive Alibaba Cloud credentials (ALIBABACLOUD_ACCESS_KEY_ID, ALIBABACLOUD_ACCESS_KEY_SECRET) to perform its reachability tests. While these are managed via environment variables (a standard practice), the skill's purpose is to utilize these secrets for external API interaction.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
  • Ingestion points: It reads instructions and API definitions from an external file (skills/ai/search/aliyun-dashvector-search/SKILL.md) to decide which API to execute.
  • Boundary markers: There are no delimiters or instructions to ignore potential commands embedded in the target file.
  • Capability inventory: The agent has the capability to execute shell commands (python3) and perform network API requests.
  • Sanitization: No sanitization or validation of the retrieved API name or parameters is mentioned before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 12:47 PM
Security Audit — agent-trust-hub — aliyun-dashvector-search-test