alibabacloud-pds-intelligent-workspace
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the agent to download and execute the Aliyun CLI installation script from a vendor-controlled domain (aliyuncli.alicdn.com) via a shell pipe. This is the official installation method provided by the vendor.
- [EXTERNAL_DOWNLOADS]: Fetches binaries and configuration packages for the PDS mount application and CLI plugins from Alibaba Cloud's official CDN. These downloads are necessary for the skill's stated features.
- [COMMAND_EXECUTION]: Performs system-level operations including driver installation (msiexec), service registration (systemctl/launchd), and the creation of scheduled tasks. These actions are legitimate and required for the primary purpose of mounting a cloud drive to the local filesystem.
- [SAFE]: The skill includes explicit security instructions for the agent to prevent the exposure of Alibaba Cloud Access Keys and mandates the use of secure configuration practices over plaintext credential handling.
Audit Metadata