aliyun-kms-manage
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill utilizes standard environment variables (
ALICLOUD_ACCESS_KEY_ID,ALICLOUD_ACCESS_KEY_SECRET) and local configuration files (~/.alibabacloud/credentials) for authentication. It provides clear instructions for least-privilege configuration and does not exfiltrate sensitive data. - [EXTERNAL_DOWNLOADS]: The included Python script
list_openapi_meta_apis.pyfetches API metadata from Alibaba Cloud's official domain (api.aliyun.com). This is a legitimate operation to ensure the agent has up-to-date information on available services. - [COMMAND_EXECUTION]: The skill executes local Python scripts and standard compilation checks (
py_compile). These operations are used for internal validation and service discovery within the scope of the skill's functional requirements. - [INDIRECT_PROMPT_INJECTION]: The skill processes JSON data from external API metadata. Because this data originates from a well-known and trusted cloud service provider, the risk of malicious instruction injection is minimal.
Audit Metadata