The Agent Skills Directory

[SAFE]: The skill's implementation aligns with its stated purpose of facilitating access to Alibaba Cloud AI services. It follows documented patterns for API usage with official SDKs and endpoints.- [EXTERNAL_DOWNLOADS]: The skill suggests installing the dashscope Python package, which is the official SDK for Alibaba Cloud's Model Studio. This is a trusted dependency for the intended platform.- [DATA_EXFILTRATION]: Network operations are directed towards dashscope.aliyuncs.com, which is the legitimate service endpoint for the provider. The skill correctly identifies the use of environment variables and credential files for secure API key management.- [PROMPT_INJECTION]: The script scripts/prepare_generation_request.py takes user-supplied strings to construct model requests. This constitutes an indirect prompt injection surface; however, because the script only generates local JSON files and lacks autonomous execution or sensitive data access, the risk is negligible and consistent with the skill's primary function.
Ingestion points: --prompt and --system command-line arguments in scripts/prepare_generation_request.py.
Boundary markers: None identified in the payload construction script.
Capability inventory: The script writes a JSON file to the local filesystem and prints status to stdout.
Sanitization: No input sanitization or validation is performed on the prompt strings.

aliyun-qwen-generation