alicloud-media-mps-test

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script tests/common/compile_skill_scripts.py using python3 to perform an offline compilation check of another skill.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its ingestion of external data.
      • Ingestion points: The skill reads skills/media/mps/alicloud-media-mps/SKILL.md to identify API endpoints to call.
      • Boundary markers: No boundary markers or instructions to ignore embedded commands are present when processing the target skill file.
      • Capability inventory: The agent has the capability to execute shell commands (python3) and make network requests to Alibaba Cloud APIs.
      • Sanitization: No sanitization or validation of the content read from the target SKILL.md is performed before the agent uses it to determine its next action.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 4, 2026, 02:31 PM