aliyun-docmind-extract-test

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes a local script 'tests/common/compile_skill_scripts.py' using python3 to validate skill configuration.
  • [CREDENTIALS_UNSAFE]: Uses environment variable placeholders (ALIBABACLOUD_ACCESS_KEY_ID and ALIBABACLOUD_ACCESS_KEY_SECRET) for Alibaba Cloud authentication, which is a secure practice for credential management.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it reads from an external file to determine which API calls to execute.
  • Ingestion points: skills/ai/text/aliyun-docmind-extract/SKILL.md.
  • Boundary markers: None; instructions do not include delimiters to separate the ingested documentation from the main prompt.
  • Capability inventory: Local shell access via python3 and network access to Alibaba Cloud endpoints.
  • Sanitization: None; the skill relies on the agent's internal safety filters and interpretation of the documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 12:47 PM
Security Audit — agent-trust-hub — aliyun-docmind-extract-test