cloudbase

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE_&_EXFILTRATION]: The skill provides guidelines for secure authentication using official CloudBase tools (queryAppAuth, manageAppAuth). It explicitly advises against hardcoding secrets, recommending the use of environment variables or secret management tools (tcb secrets).
  • [REMOTE_CODE_EXECUTION]: The skill mentions the installation of official Node.js and Python packages (e.g., @cloudbase/js-sdk, cloudbase-agent-server). These are well-known vendor resources from 'tencentcloudbase'. It also describes the deployment of cloud functions and CloudRun services, which is the primary intended functionality of the platform.
  • [COMMAND_EXECUTION]: Development guides for cloud functions and AI agents include instructions for creating startup scripts (scf_bootstrap) and using tools like create_bash_tool. While these allow command execution, they are documented as standard features for server-side logic and agent capabilities within the vendor's ecosystem.
  • [INDIRECT_PROMPT_INJECTION]: The AI Agent framework (cloudbase-agent) creates an attack surface for indirect prompt injection as it ingests untrusted user messages via the RunAgentInput protocol.
  • Ingestion points: User messages enter the system through the /send-message or /agui endpoints described in references/cloudbase-agent/ts/server-quickstart.md.
  • Boundary markers: The protocol uses structured message objects, but the documentation does not explicitly mandate delimiters for untrusted content.
  • Capability inventory: Agents can be equipped with powerful tools including file system access and shell execution (create_bash_tool) as listed in references/cloudbase-agent/py/skill.md.
  • Sanitization: No specific sanitization or filtering logic is detailed in the guides, relying on the underlying LLM's safety filters and the developer's implementation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 29, 2026, 11:05 AM
Security Audit — agent-trust-hub — cloudbase