aliyun-ecs-manage
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a script
scripts/run_remote_command.pythat utilizes the Alibaba Cloud 'RunCommand' API to execute arbitrary shell commands on managed ECS instances. This is a core functionality of the skill intended for remote administration and troubleshooting. - [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of official Alibaba Cloud SDK packages (e.g.,
alibabacloud_ecs20140526,alibabacloud_cms20190101) from standard package registries. These are recognized dependencies for interacting with Alibaba Cloud services. - [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing data from external API responses, such as instance metadata and command output from remote servers.
- Ingestion points: API responses processed in
scripts/list_instances_all_regions.pyand command output retrieved inscripts/run_remote_command.py. - Boundary markers: None identified in the script outputs or documentation instructions.
- Capability inventory: The skill can perform remote command execution on cloud instances and write data to the local
output/directory. - Sanitization: The skill decodes base64 output from the cloud assistant but does not perform additional sanitization or filtering on the retrieved content before displaying it.
Audit Metadata