alibabacloud-find-skills
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes legitimate
aliyunCLI commands to interact with the Alibaba Cloud AgentExplorer service, includinglist-categories,search-skills, andget-skill-content. It also utilizesnpxto install selected skills. - [EXTERNAL_DOWNLOADS]: The skill directs users to download the Alibaba Cloud CLI and its plugins from official, vendor-controlled domains such as
aliyuncli.alicdn.comand official GitHub repositories under thealiyunorganization. These are trusted sources for the skill's intended functionality. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it retrieves skill descriptions and content from an external repository that may include community-contributed content. However, the skill mitigates this risk by requiring explicit user confirmation for all parameters and search selections before execution.
- Ingestion points: Data enters the agent context via
aliyun agentexplorer search-skillsandget-skill-contentcommands. - Boundary markers: While explicit delimiters are not mentioned for search result display, the skill workflow mandates user confirmation for every step.
- Capability inventory: The skill can execute CLI commands and install new skills using
npx. - Sanitization: No explicit sanitization of fetched markdown is performed, but the content is presented as human-readable documentation.
Audit Metadata