alicloud-ai-content-aicontent

Warn

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to use sensitive Alibaba Cloud credentials found in environment variables (ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET) and the shared configuration file at ~/.alibabacloud/credentials.
  • [EXTERNAL_DOWNLOADS]: The list_openapi_meta_apis.py script downloads API metadata from the official Alibaba Cloud domain api.aliyun.com. This is used for resource discovery and is documented neutrally as a trusted service operation.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface by fetching and processing external API metadata to generate documentation. Evidence Chain:
      1. Ingestion points: JSON metadata fetched from api.aliyun.com.
      2. Boundary markers: No explicit delimiters or instructions to ignore embedded content are used.
      3. Capability inventory: The skill can execute Python scripts and shell commands.
      4. Sanitization: The fetched data is parsed and written to markdown files without validation or escaping.
  • [COMMAND_EXECUTION]: The SKILL.md file defines shell commands for creating output directories, compiling Python scripts via py_compile, and writing validation logs.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 11, 2026, 10:15 AM