alicloud-storage-oss-ossutil-test

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface where the agent downloads a file from an Alibaba Cloud OSS bucket and displays its content via the cat command in step 5. If the bucket content is controlled by an external actor, it could include instructions designed to manipulate the agent's logic.
      • Ingestion points: Content is read from /tmp/ossutil-test-down.txt after being downloaded from a remote bucket.
      • Boundary markers: No delimiters or ignore instructions are used for the downloaded data.
      • Capability inventory: The skill uses shell execution via the ossutil tool and standard utilities.
      • Sanitization: No validation or filtering of the file content is performed.
  • [CREDENTIALS_UNSAFE]: The skill documentation explicitly references sensitive Alibaba Cloud credential locations such as ~/.alibabacloud/credentials. While the provided commands check the configuration and list buckets rather than printing secrets, identifying these paths in a tool-testing context highlights high-value targets for potential exposure.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 02:31 PM