alicloud-storage-oss-ossutil-test
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'ossutil' CLI to interact with Alibaba Cloud OSS storage for tasks like listing buckets and transferring files, which aligns with its primary purpose of testing storage connectivity.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by downloading a file from an external OSS bucket and printing its content directly to the agent's context.
- Ingestion points: The downloaded file '/tmp/ossutil-test-down.txt' is ingested into the agent context via the 'cat' command.
- Boundary markers: The skill lacks delimiters or 'ignore' instructions to help the agent distinguish between data content and executable instructions in the file.
- Capability inventory: The skill utilizes file system access and the 'ossutil' CLI for cloud resource management as seen in SKILL.md.
- Sanitization: There is no evidence of validation or sanitization applied to the external content before it is displayed to the agent.
Audit Metadata