Skills
skills/cinience/alicloud-skills/alicloud-network-esa/Gen Agent Trust Hub

alicloud-network-esa

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill documentation identifies standard locations for Alibaba Cloud authentication credentials.
  • Evidence: SKILL.md references environment variables ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET, and the config file ~/.alibabacloud/credentials.
  • [EXTERNAL_DOWNLOADS]: The skill fetches machine-readable API documentation from a well-known service provider.
  • Evidence: scripts/list_openapi_meta_apis.py connects to api.aliyun.com to download ESA API metadata.
  • [COMMAND_EXECUTION]: Local scripts are used to automate the discovery of available cloud APIs.
  • Evidence: SKILL.md contains instructions to execute scripts/list_openapi_meta_apis.py using the Python interpreter.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to the ingestion of external API metadata.
  • Ingestion points: scripts/list_openapi_meta_apis.py (fetches JSON from api.aliyun.com).
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are used during metadata discovery.
  • Capability inventory: The skill can perform site management, DNS/record operations, and security rule changes via mutate APIs.
  • Sanitization: There is no evidence of content validation or sanitization for the fetched metadata fields.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 10:15 AM