Skills
skills/abcfed/claude-marketplace/sls-trace-analyzer/Gen Agent Trust Hub

sls-trace-analyzer

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses sensitive local files including cloud credentials at ~/.config/sls-query/credentials.json and local source code located within ~/IdeaProjects/. This access is necessary for its stated purpose of log querying and code analysis.
  • [COMMAND_EXECUTION]: The skill executes shell commands to manage its environment and navigate codebases, including python, pip, and git commands (e.g., git checkout, git pull).
  • [EXTERNAL_DOWNLOADS]: The script sls-query.py makes network requests to Alibaba Cloud SLS endpoints (*.log.aliyuncs.com) to retrieve log data. This targets a well-known cloud service provider.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external log data which could potentially contain malicious instructions intended to manipulate the agent's behavior.
  • Ingestion points: Log data returned by the sls-query.py script from Alibaba Cloud SLS.
  • Boundary markers: None identified; log content is directly provided to the agent for analysis.
  • Capability inventory: The agent can read local files, execute shell commands (git, python), and perform network operations.
  • Sanitization: No specific sanitization or filtering of log content is implemented before analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 14, 2026, 11:04 AM