alibabacloud-analyticdb-mysql-copilot
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a legitimate administrative tool for managing Alibaba Cloud resources and adheres to the security guidelines established by the vendor.
- [CREDENTIALS_UNSAFE]: The skill contains prominent security rules that strictly prohibit reading, printing, or requesting AccessKey or SecretKey values. It provides safe alternatives for credential management via external configuration files.
- [COMMAND_EXECUTION]: The skill executes commands through the official
aliyunCLI. It includes a critical 'Cluster ID Recognition Rule' that sanitizes user input by enforcing a specific prefix (am-oramv-) and a fixed character length, effectively mitigating potential command injection attempts. - [EXTERNAL_DOWNLOADS]: Installation and setup instructions refer exclusively to official Alibaba Cloud domains (
aliyuncli.alicdn.com) and trusted package managers like Homebrew. According to security policies, these vendor-owned resources are considered safe.
Audit Metadata