alibabacloud-ecs-diagnose
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the official Alibaba Cloud CLI and communicates only with legitimate Alibaba Cloud API endpoints (ecs, vpc, cms). All external downloads for the CLI tool are sourced from the official vendor CDN (aliyuncli.alicdn.com).
- [SAFE]: The instructions include robust security guidelines for credential management, explicitly forbidding the printing, reading, or direct input of AccessKeys (AK/SK) within the session, and recommending the use of RAM roles and temporary STS tokens.
- [COMMAND_EXECUTION]: The skill utilizes the Aliyun CLI to perform cloud infrastructure queries and management. This is the intended primary function and is implemented using the standard kebab-case plugin mode with proper user-agent headers.
- [REMOTE_CODE_EXECUTION]: The 'Deep Diagnostics' feature uses Alibaba Cloud Assistant (RunCommand) to execute system-level diagnostics within the target ECS instance. The skill enforces a strict workflow requiring explicit user approval before performing these operations.
- [DATA_EXPOSURE_AND_EXFILTRATION]: While the skill accesses sensitive instance metadata and monitoring metrics, it does so within the scope of diagnostics. No patterns of data exfiltration to unauthorized third-party domains were detected.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data returned from Cloud Assistant commands and cloud APIs. While this creates a theoretical attack surface if the instance output is malicious, the skill's structure and the nature of the vendor-managed environment minimize this risk.