The Agent Skills Directory

[DATA_EXFILTRATION]: The skill documentation and scripts reference the sensitive file path ~/.alibabacloud/credentials. This path is the standard location for Alibaba Cloud credentials and is accessed by the required official SDKs to authenticate actions performed by the skill.
[PROMPT_INJECTION]: The skill has an indirect prompt injection attack surface. Ingestion points: Metadata such as names and descriptions are fetched from the Alibaba Cloud API in scripts like scripts/list_instances.py. Boundary markers: The skill does not use delimiters to isolate data retrieved from the API. Capability inventory: The skill can execute high-impact commands including scripts/delete_load_balancer.py and scripts/update_rule.py. Sanitization: Resource metadata from the API is processed without sanitization or validation.

alicloud-network-alb