aliyun-docmind-extract-test
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Executes a local script 'tests/common/compile_skill_scripts.py' using python3 to validate skill configuration.
- [CREDENTIALS_UNSAFE]: Uses environment variable placeholders (ALIBABACLOUD_ACCESS_KEY_ID and ALIBABACLOUD_ACCESS_KEY_SECRET) for Alibaba Cloud authentication, which is a secure practice for credential management.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it reads from an external file to determine which API calls to execute.
- Ingestion points: skills/ai/text/aliyun-docmind-extract/SKILL.md.
- Boundary markers: None; instructions do not include delimiters to separate the ingested documentation from the main prompt.
- Capability inventory: Local shell access via python3 and network access to Alibaba Cloud endpoints.
- Sanitization: None; the skill relies on the agent's internal safety filters and interpretation of the documentation.
Audit Metadata