LZ Create - Multi-cloud migration to Tencent Cloud

Security checks across malware telemetry and agentic risk

Overview

Review before installing: this cloud-migration skill asks for cloud credentials and sends credential-bearing files to a remote MCP server over plain HTTP.

Install only if you trust the MCP server operator and network path. Prefer a verified HTTPS or self-hosted MCP endpoint, use short-lived read-only credentials scoped to the exact accounts and regions needed, keep session IDs private, rotate credentials afterward, and manually review all generated documents and Terraform before using them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
74% confidence
Finding
The activation text is broad enough to match ordinary conversations about cloud migration, Terraform, or resource scanning, which increases the chance of unintended invocation. In this skill, accidental activation is more dangerous because the workflow can solicit credentials, contact a remote server, and generate or overwrite local artifacts.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill explicitly instructs users to pass cloud AK/SK/token values into commands and send them to a remote MCP server, but it provides no warning, consent language, retention policy, or transport/security assurances. In context, this is especially dangerous because the skill is designed for multi-cloud inventory collection, so compromised credentials or silent exfiltration could expose broad cloud account metadata and potentially more depending on granted privileges.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The API documentation explicitly states that cloud access keys and secret keys in the Excel credential sheet are used for resource scanning and AI-assisted form completion, but it does not warn users that highly sensitive credentials are being collected, processed, stored in a workspace, and potentially retained for up to 24 hours. In a cloud-migration skill that handles multi-cloud credentials remotely, this omission materially increases the risk of accidental credential exposure, over-sharing, and unsafe operator behavior.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The CLI accepts raw cloud credentials via command-line arguments, injects them into an Excel workbook, and uploads that workbook to a remote MCP server over HTTP. This is dangerous because command-line credentials may be exposed through shell history and process listings, and the remote transfer sends highly sensitive secrets to an external server without an explicit warning, confirmation, or transport security.

Missing User Warnings

Low
Confidence
81% confidence
Finding
The helper writes downloaded content directly to the specified output path and will overwrite existing files without confirmation. While this is not typically a code-execution issue, it can cause loss of local data or accidental replacement of user files, especially because multiple commands default to fixed filenames.

VirusTotal

67/67 vendors flagged this skill as clean.
