aliyun-dashvector-search-test
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (
tests/common/compile_skill_scripts.py) to perform code validation during the smoke test. - [CREDENTIALS_UNSAFE]: The skill requires access to sensitive Alibaba Cloud credentials (
ALIBABACLOUD_ACCESS_KEY_ID,ALIBABACLOUD_ACCESS_KEY_SECRET) to perform its reachability tests. While these are managed via environment variables (a standard practice), the skill's purpose is to utilize these secrets for external API interaction. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
- Ingestion points: It reads instructions and API definitions from an external file (
skills/ai/search/aliyun-dashvector-search/SKILL.md) to decide which API to execute. - Boundary markers: There are no delimiters or instructions to ignore potential commands embedded in the target file.
- Capability inventory: The agent has the capability to execute shell commands (
python3) and perform network API requests. - Sanitization: No sanitization or validation of the retrieved API name or parameters is mentioned before execution.
Audit Metadata