Skills
skills/huaweicloud/huaweicloud-skills/huawei-cloud-obs-upload/Gen Agent Trust Hub

huawei-cloud-obs-upload

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of official Huawei Cloud management tools (hcloud and obsutil) from the vendor's own infrastructure (*.myhuaweicloud.com). These downloads are necessary for the skill's primary tasks.
  • [REMOTE_CODE_EXECUTION]: Installation procedures for the required CLI tools involve fetching shell scripts from the vendor's official domain and executing them. This behavior is consistent with standard deployment practices for these cloud management utilities.
  • [COMMAND_EXECUTION]: The skill executes shell commands to perform cloud storage operations and to manage system-level scheduled tasks. It specifically uses crontab on Unix-like systems and schtasks on Windows to enable the periodic upload feature.
  • [CREDENTIALS_UNSAFE]: Although the skill operates using sensitive Access Keys (AK/SK), it includes prominent security constraints that prevent the agent from requesting these keys in chat or hardcoding them in scripts. It correctly directs users to secure local configuration files or environment variables.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 01:44 AM
Security Audit — agent-trust-hub — huawei-cloud-obs-upload