spring-ai-alibaba
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation resource for the Spring AI Alibaba integration, facilitating the use of Alibaba Cloud's Qwen models.
- [CREDENTIALS_UNSAFE]: The instructions and code snippets correctly use environment variable placeholders (${DASHSCOPE_API_KEY}) for API keys, adhering to secure credential management practices.
- [EXTERNAL_DOWNLOADS]: The skill specifies the use of official Maven and Gradle dependencies from the com.alibaba.cloud.ai group, which is the recognized and trusted provider for these integrations.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface through prompt templates and user message handling.
  1. Ingestion points: User input enters the system via the message, style, and question parameters in the Java methods defined in SKILL.md.
  2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt templates.
  3. Capability inventory: The skill facilitates network operations to Alibaba Cloud's AI APIs (DashScope); it does not include subprocess execution or file system write capabilities.
  4. Sanitization: There is no evidence of input validation or sanitization before the user input is interpolated into the prompts.
Audit Metadata