huawei-cloud-flexus-l-server-ops
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads official Huawei Cloud SDK packages (core, ecs, bss, config) from the vendor's own repository at repo.huaweicloud.com.\n- [COMMAND_EXECUTION]: In
scripts/auth.py, theget_config_clientfunction explicitly setsconfig.ignore_ssl_verification = True. This disables SSL/TLS certificate validation, making the communication with Huawei Cloud APIs vulnerable to Man-in-the-Middle (MITM) attacks.\n- [COMMAND_EXECUTION]: Thescripts/password_unified.pyscript passes the new password for the instance as a command-line argument (--password). This is an insecure practice as the password may be visible to other users on the system via process monitoring tools and stored in shell history logs.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface.\n - Ingestion points:
scripts/query_instances.pyandscripts/password_unified.pyfetch instance names, descriptions, and statuses from the Huawei Cloud environment.\n - Boundary markers: Absent. The skill does not use delimiters or instructions to ignore embedded commands when processing retrieved cloud metadata.\n
- Capability inventory: The skill has significant capabilities, including server lifecycle control (start/stop/reboot) and password resets via the
scripts/lifecycle.pyandscripts/password_unified.pyfiles.\n - Sanitization: Absent. Data retrieved from the API is used directly without validation or escaping.
Audit Metadata