alibabacloud-odps-project-manage
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the Alibaba Cloud CLI installation script from the vendor's official CDN at 'https://aliyuncli.alicdn.com/install.sh' and executes it via shell pipe.
- [COMMAND_EXECUTION]: Constructs and executes shell commands using the 'aliyun' CLI, interpolating user-supplied parameters for cloud resource management tasks.
- [COMMAND_EXECUTION]: Utilizes generated shell script logic to perform idempotent project deletion and multi-step success verification workflows.
- [PROMPT_INJECTION]: Processes external user data which is interpolated into shell commands, creating a potential surface for indirect prompt injection.
- Ingestion points: User-provided inputs for 'RegionId', 'projectName', and 'quotaNickName' in 'SKILL.md'.
- Boundary markers: Commands are constructed using direct string interpolation without explicit boundary delimiters or 'ignore embedded instructions' warnings.
- Capability inventory: The agent can execute arbitrary shell commands and generate multi-line scripts via the 'aliyun' CLI tool across the entire environment.
- Sanitization: The skill includes procedural guidelines for the agent to validate the 'typeSystem' parameter and check for empty strings in 'projectName' before execution.
Audit Metadata