alibabacloud-resourcecenter-search

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION)
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/query-resource-types.py utilizes subprocess.run to invoke the aliyun command-line utility. This execution is used to retrieve resource type information from the cloud service provider. The script employs safe practices by using a list of arguments and restricting the language parameter to predefined options.
  • [EXTERNAL_DOWNLOADS]: The references/cli-installation-guide.md documentation provides links to download the official Aliyun CLI from the vendor's Content Delivery Network (aliyuncli.alicdn.com). These references are intended for user-driven environment setup.
  • [DATA_EXFILTRATION]: The skill includes robust security instructions that explicitly forbid the agent from printing, echoing, or requesting sensitive Access Keys or Secret Keys. It directs the agent to verify credential status using aliyun configure list only, minimizing the risk of credential exposure.
  • [DATA_EXFILTRATION]: The skill ingests untrusted data from cloud resource names and tags which creates a surface for indirect prompt injection.
      1. Ingestion points: Resource metadata and tags retrieved via search APIs in references/related-apis.md.
      2. Boundary markers: None present in the processing scripts.
      3. Capability inventory: Subprocess execution of the Aliyun CLI and network access via the same tool.
      4. Sanitization: The helper script scripts/query-resource-types.py performs JSON parsing on CLI output.
    The risk is assessed as low given the structured nature of the data processing.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 7, 2026, 06:56 AM