Skills
skills/cinience/alicloud-skills/alicloud-security-center-sas/Gen Agent Trust Hub

alicloud-security-center-sas

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/list_openapi_meta_apis.py fetches OpenAPI metadata from https://api.aliyun.com. This is a well-known official service from Alibaba Cloud and is used only to retrieve API definitions, not executable code.
  • [CREDENTIALS_UNSAFE]: The skill mentions the use of sensitive environment variables like ALICLOUD_ACCESS_KEY_ID and ALICLOUD_ACCESS_KEY_SECRET, and references the credential file ~/.alibabacloud/credentials. These are standard practices for Alibaba Cloud SDKs and are documented as prerequisites for the user to configure, not hardcoded within the skill itself.
  • [COMMAND_EXECUTION]: The skill includes a validation step that runs python3 -m py_compile on its own scripts. This is a standard build-time check to ensure script integrity and does not pose a security risk.
  • [DATA_EXFILTRATION]: No evidence of data exfiltration was found. Network activity is limited to fetching metadata from official Alibaba Cloud domains.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 10:14 AM