alibabacloud-waf-quick-showcase
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the use of the Alibaba Cloud CLI to manage infrastructure. It includes comprehensive input validation rules, such as regex matching for Region IDs and CIDR blocks, and explicitly filters hazardous shell characters (e.g., semicolons, pipes, and backticks) to mitigate command injection risks.
- [CREDENTIALS_UNSAFE]: The skill implements strong credential management policies. It mandates desensitization of passwords using placeholders like '***' or '[REDACTED]' in command echoes and logs. Furthermore, it strictly prohibits hardcoded AccessKeys, requiring users to authenticate via OAuth mode.
- [EXTERNAL_DOWNLOADS]: Installation instructions reference the official Alibaba Cloud CLI binary packages hosted on the vendor's verified distribution network (aliyuncli.alicdn.com). These references are documented as standard setup procedures for the required toolset.
- [PROMPT_INJECTION]: The skill manages potential injection risks in user-supplied configuration by requiring manual parameter confirmation and enforcing strict schema validation before any resource creation commands are executed.
Audit Metadata