alibabacloud-yike-storyboard
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes official aliyun CLI commands to manage cloud configurations and interact with Intelligent Media Services. Evidence: SKILL.md.
- [COMMAND_EXECUTION]: A provided script scripts/upload_to_oss.sh automates the retrieval of temporary STS credentials and the upload of user content to Alibaba Cloud OSS. The script includes security controls such as path traversal prevention and file constraint validation. Evidence: scripts/upload_to_oss.sh.
- [EXTERNAL_DOWNLOADS]: Documentation directs users to download the official CLI binary from Alibaba Cloud's verified CDN at aliyuncli.alicdn.com. Evidence: references/cli-installation-guide.md.
- [SAFE]: The skill ingests user script data for AI processing. Ingestion points: Local file access and upload via scripts/upload_to_oss.sh. Boundary markers: Not explicitly defined for the LLM analysis phase. Capability inventory: Execution of local CLI tools and network data transfer to Alibaba Cloud services. Sanitization: Verification of file path integrity and size/type constraints in the helper script. Evidence: scripts/upload_to_oss.sh.
Audit Metadata