alicloud-media-video-translation-test
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a Python script located at
tests/common/compile_skill_scripts.pyto perform a check on skill script compilation. This involves direct shell invocation within the agent's environment.\n- [PROMPT_INJECTION]: The skill presents an indirect prompt injection vulnerability surface because it processes untrusted data from other skill files to drive its own execution logic.\n - Ingestion points: The agent is instructed to read the file
skills/media/video/alicloud-media-video-translation/SKILL.mdin Step 2.\n - Boundary markers: There are no instructions to use boundary markers or to ignore potential instructions embedded within the target
SKILL.mdfile.\n - Capability inventory: The skill has access to shell execution (
python3) and authenticated cloud API calls using AliCloud credentials.\n - Sanitization: No sanitization or validation of the content read from the external file is performed before the agent uses that content to formulate and execute API calls.
Audit Metadata