huawei-cloud-business-support-query
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The `scripts/ensure_env.py` script downloads the `get-pip.py` setup utility from well-known and official sources, including bootstrap.pypa.io and Huawei Cloud's official mirrors, to ensure the environment has a functional package manager.
- [COMMAND_EXECUTION]: The environment preparation scripts (`check_env.sh`, `check_env.ps1`, and `ensure_env.py`) use shell commands to install system-level dependencies, manage Python virtual environments, and install the required Huawei Cloud SDK packages.
- [COMMAND_EXECUTION]: `scripts/ensure_env.py` uses `os.execv` for process replacement to transition execution into the newly created Python virtual environment, which is a standard practice for ensuring dependency isolation.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external data from cloud APIs.
  - Ingestion points: Data returned from various Huawei Cloud billing and resource APIs across the query scripts.
  - Boundary markers: No explicit delimiters are used to separate API-returned data from agent instructions.
  - Capability inventory: Subprocess execution and process replacement capabilities are present in the environment setup script (`scripts/ensure_env.py`).
  - Sanitization: API responses are processed and output without explicit filtering for embedded natural language instructions.
Audit Metadata