alibabacloud-sas-incident-manage
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [SAFE]: The skill provides instructions for managing security incidents via the official Alibaba Cloud CLI and its cloud-siem plugin.
- [SAFE]: Instructions include security best practices such as masking sensitive information (IP addresses, instance IDs) in output and strictly forbidding the display or manual entry of credentials.
- [SAFE]: The skill implements input validation for parameters such as incident UUIDs using regex patterns to ensure data integrity and prevent potential injection.
- [EXTERNAL_DOWNLOADS]: The skill documents how to download the Aliyun CLI binary from official vendor domains (alicdn.com) and install plugins via the official CLI tool. These are recognized as legitimate vendor resources.
- [NO_CODE]: Reference documents refer to a Python script named scripts/siem_client.py for verification and permission testing, but this file is not included in the provided skill package.
Audit Metadata