aliyun-modelstudio-entry-test-test
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (
tests/common/compile_skill_scripts.py) to perform an offline compilation check of skill scripts. This is a standard development and testing procedure that does not involve remote code or elevated privileges. - [CREDENTIALS_UNSAFE]: The skill instructions reference standard Alibaba Cloud environment variables (
ALIBABACLOUD_ACCESS_KEY_ID,ALIBABACLOUD_ACCESS_KEY_SECRET,ALIBABACLOUD_REGION_ID) for authentication. It correctly follows security best practices by using environment variables and recommending least-privilege configurations instead of hardcoding secrets. - [INDIRECT_PROMPT_INJECTION]: The skill involves reading a local file (
SKILL.mdof a sibling skill) and executing API calls based on its contents. While this represents a data ingestion surface, the source is local to the repository and the operations are restricted to read-only API calls.
Audit Metadata