Skills
skills/acedatacloud/skills/tencentcloud-cls-alarm/Gen Agent Trust Hub

tencentcloud-cls-alarm

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Provides the scripts/cls_alarm.py utility to wrap Tencent Cloud CLS API operations for alarm and notice management.
  • [EXTERNAL_DOWNLOADS]: Utilizes the official tencentcloud-sdk-python library for cloud service interactions.
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection through the ingestion of external cloud log data.
  • Ingestion points: Fetches data via GetAlarmLog in scripts/cls_alarm.py and SKILL.md examples.
  • Boundary markers: Lacks explicit delimiters for log content, though documentation mandates human confirmation for destructive tasks.
  • Capability inventory: Includes capabilities to create, modify, and delete cloud alarm policies and notice configurations.
  • Sanitization: Log content and alarm metadata are presented as-is from the cloud provider without additional sanitization.
  • [SAFE]: Credentials are managed via TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY environment variables rather than being hardcoded.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 12:51 PM