Skills
skills/aliyun/alibabacloud-aiops-skills/alibabacloud-iqs-search/Gen Agent Trust Hub

alibabacloud-iqs-search

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes content from external websites and search results.\n
  • Ingestion points: scripts/readpage.mjs (web page content) and scripts/search.mjs (search snippets and results).\n
  • Boundary markers: Content is not encapsulated in protective delimiters.\n
  • Capability inventory: Network communication via Node.js native fetch and configuration file reading from the home directory.\n
  • Sanitization: Validates that URLs use http or https protocols.\n- [EXTERNAL_DOWNLOADS]: The skill performs network requests to cloud-iqs.aliyuncs.com to fulfill its search and scraping functions. These requests target the vendor's official API infrastructure.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 10:26 AM