alibabacloud-dataworks-workspace-manage
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides instructions to download and execute an installation script for the Aliyun CLI using a
curl | bashpattern. The source URL (https://aliyuncli.alicdn.com/install.sh) is the official Alibaba Cloud CDN, making this a legitimate operation for the skill's purpose. - [EXTERNAL_DOWNLOADS]: Binaries and installation packages for the Aliyun CLI are downloaded from official vendor infrastructure (
aliyuncli.alicdn.com). These resources are necessary for the skill to interact with the cloud service. - [COMMAND_EXECUTION]: The skill uses the
aliyunCLI tool to perform operations such as creating, updating, and deleting DataWorks workspaces and managing member roles. These commands use structured flags and parameters consistent with standard cloud management practices. - [PROMPT_INJECTION]: The skill accepts user-provided parameters (e.g., workspace names, IDs, role codes) which are interpolated into shell commands.
- Ingestion points: File
SKILL.mdcontains multiple workflows where placeholders like<workspace-name>and<user-id>are used. - Boundary markers: Absent in the command templates.
- Capability inventory: Shell execution of the
aliyunCLI tool (documented inSKILL.md). - Sanitization: The skill includes a dedicated 'Parameter Confirmation' section requiring the agent to have the user confirm all customizable parameters before execution, which serves as a significant security guardrail.
Audit Metadata