alibabacloud-pds-multimodal-search

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The installation process in SKILL.md and references/cli-installation-guide.md involves downloading and executing a shell script from https://aliyuncli.alicdn.com/install.sh. This is the official installer for the Alibaba Cloud CLI provided by the vendor and is used for legitimate environment setup.
  • [COMMAND_EXECUTION]: The script scripts/pds_poll_processor.py executes the aliyun CLI tool using subprocess.run. The implementation uses shell=False and passes the command as a list of arguments, which effectively prevents shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: Scripts including doc_analysis_formatter.py, video_analysis_formatter.py, and ppt_extraction.py perform HTTP GET requests to download structured analysis data and media. These operations target signed URLs generated by the PDS service for the purpose of retrieving processing results.
  • [CREDENTIALS_UNSAFE]: In SKILL.md, the skill explicitly instructs against directly entering or printing Access Keys (AK) and Secret Keys (SK), directing users toward secure configuration methods and environment variables instead.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 12:11 PM