Back to skill

Security audit

devtools-cli-huawei-cloud-cli-guidance

Security checks across malware telemetry and agentic risk

Overview

This is a Huawei Cloud KooCLI help skill, but it gives agents broad cloud-command authority and includes unsafe credential and installation guidance that users should review before installing.

Install only if you specifically want Huawei Cloud KooCLI assistance. Before using it, avoid entering AK/SK secrets in chat or inline commands, verify any downloaded installer through official Huawei Cloud documentation, redact debug output before sharing, and require explicit confirmation before any command that changes or deletes cloud resources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The skill explicitly says AK/SK must never be exposed or directly entered, but elsewhere instructs users to pass `--cli-access-key` and `--cli-secret-key` on the command line. Command-line secrets are commonly exposed through shell history, process listings, logs, CI output, and shared transcripts, creating a realistic credential leakage path.

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger list includes extremely broad everyday terms such as '云', 'yun', '工具', and generic service names. This can cause the skill to activate in unrelated conversations, unnecessarily steering users into cloud CLI workflows, credential handling, or command execution contexts where the skill is not appropriate.

Vague Triggers

High
Confidence
95% confidence
Finding
The description says to use this skill for 'any cloud-related services,' which is far broader than Huawei Cloud KooCLI. Overbroad invocation increases the chance that the skill is selected for unrelated cloud providers or general terminal tasks, where it may recommend unsafe, irrelevant, or misleading command patterns involving credentials and remote installation.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill recommends downloading and immediately executing a remote shell script with `curl ... && bash` without a prominent trust, integrity, or review warning. This is dangerous because it conditions users to run unverified remote code, and if the endpoint, transport, or referenced script is compromised, it can lead to arbitrary code execution on the user's machine.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The debugging guidance tells users to enable `--cli-debug=true` to inspect requests and authentication behavior, but it does not warn that debug output may contain sensitive request metadata, tokens, headers, identifiers, or other auth details. In a support or agent context, users may paste this output into chats or logs, leading to credential or environment disclosure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.