alicloud-data-lake-dlf-next-test

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to execute a local script, python scripts/list_openapi_meta_apis.py, to discover metadata and perform API requests.
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it processes metadata and responses from external API calls while also being able to execute scripts and write to the file system.
      1. Ingestion points: Output from scripts/list_openapi_meta_apis.py and responses from AliCloud OpenAPI calls.
      2. Boundary markers: Absent; no delimiters or instructions to ignore embedded commands are specified.
      3. Capability inventory: Execution of Python scripts and file writing to the output/ directory.
      4. Sanitization: Absent; the skill does not explicitly validate or sanitize content returned from external sources before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 11, 2026, 10:15 AM