alicloud-database-rds-supabase
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [NO_CODE] (SAFE): The skill consists exclusively of Markdown and YAML files providing instructions and API references. No scripts, binaries, or automated installation steps were found.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) as it processes untrusted external data. \n
- Ingestion points: The agent retrieves user-generated content via
GetConversationsandGetMessages(identified inreferences/api_overview.md). \n - Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are defined for the retrieved data. \n
- Capability inventory: The skill allows for high-impact operations including
DeleteAppInstance,ResetInstancePassword, andModifyInstanceAuthConfigwhich could be exploited (identified inreferences/api_reference.md). \n - Sanitization: No sanitization or validation logic is mentioned for external content.
- [DATA_EXFILTRATION] (LOW): The skill instructs the agent to read credentials from
~/.alibabacloud/credentials(File:SKILL.md). This is a sensitive file path; however, it is a standard authentication method for Alibaba Cloud services and no exfiltration logic is present.
Audit Metadata