alibabacloud-cfw-exposure-detection

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill uses the official Aliyun CLI and targets official Alibaba Cloud API endpoints (aliyun.com, alicdn.com) for its operations.
  • [SAFE]: It contains explicit safeguards to prevent the exposure of sensitive credentials, such as instructions against printing configuration details and warnings about secure credential management.
  • [SAFE]: The skill recommends output desensitization, specifically the masking of IP addresses and instance IDs, to protect sensitive customer infrastructure details.
  • [COMMAND_EXECUTION]: The skill relies on Aliyun CLI commands to interact with security APIs. It provides comprehensive installation and secure configuration guidance for the tool.
  • [PROMPT_INJECTION]: The instructions include directives for the agent to execute commands autonomously without user confirmation. While this reduces user oversight, it is consistent with the tool's intended purpose as a streamlined security audit workflow.
  • [PROMPT_INJECTION]: The skill processes untrusted data from security APIs, which presents a theoretical indirect prompt injection surface. The risk is assessed as safe due to the read-only nature of the tool and the recommended masking of data. Ingestion points: API responses from DescribeInternetOpenIp and DescribeInternetOpenPort. Boundary markers: Absent. Capability inventory: Aliyun CLI command execution. Sanitization: Recommended output desensitization of IPs and IDs.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 09:36 AM