ali-log
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill's implementation is consistent with its stated purpose of providing a wrapper for Alibaba Cloud Log Service.
- [CREDENTIALS_UNSAFE]: The skill uses environment variables (ALIBABA_CLOUD_ACCESS_KEY_ID, ALIBABA_CLOUD_ACCESS_KEY_SECRET) to manage sensitive credentials, which is the recommended secure approach. No hardcoded credentials were found.
- [DATA_EXFILTRATION]: All network requests are directed to standard Alibaba Cloud SLS endpoints based on the region configured by the user. There is no evidence of data being sent to unauthorized third-party domains.
- [EXTERNAL_DOWNLOADS]: The skill's dependency is the official aliyun-log-python-sdk, which is a well-known and trusted library for interacting with Alibaba Cloud services.
Audit Metadata