Skills
skills/cinience/alicloud-skills/aliyun-zimage-turbo/Gen Agent Trust Hub

aliyun-zimage-turbo

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFECREDENTIALS_UNSAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The Python script scripts/generate_image.py is designed to read sensitive authentication data from ~/.alibabacloud/credentials or the DASHSCOPE_API_KEY environment variable to authenticate with Alibaba Cloud services.
  • [DATA_EXFILTRATION]: The skill allows the API endpoint (base_url) to be overridden via user-provided JSON input. This creates a potential data exfiltration surface where the DASHSCOPE_API_KEY could be sent to an arbitrary external URL if the input is manipulated by a malicious actor.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8):
  • Ingestion points: Untrusted data enters the agent context through the prompt and base_url fields in the JSON request passed to scripts/generate_image.py.
  • Boundary markers: No delimiters or safety instructions are provided to distinguish between system instructions and user-supplied data within the prompts.
  • Capability inventory: The skill has the ability to perform authenticated network requests and write files to the local file system.
  • Sanitization: The script does not validate the base_url parameter to ensure it originates from or targets legitimate Alibaba Cloud domains before sending the authentication token.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 03:31 PM