Alicloud Ai Content Aimiaobi

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal Alibaba Cloud AiMiaoBi helper skill. It carries the cloud-credential and live-operation risk expected of any cloud-management skill, and users should control both carefully.

Install this only if you want an agent to help with Alibaba Cloud AiMiaoBi tasks. Use least-privilege Alibaba Cloud credentials, start with read-only list/describe actions, and explicitly confirm the region, resource ID, and intended change before allowing any create, update, modify, set, or delete-style operation.
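The guidance above (read-only first, explicit confirmation of region and resource ID before any mutating call, least-privilege credentials) can be enforced mechanically in front of the agent's API calls. The following is an added example written for this page, not code from the skill or from Alibaba Cloud; it assumes the agent routes every OpenAPI call through a gate function, classifies actions by the verb prefix Alibaba Cloud uses in action names (Describe, List, Create, Modify, Set, Delete, and so on), and checks the environment variable names the official Alibaba Cloud SDK credential chain reads. Sample requests and IDs are constructed.

```python
"""Confirmation gate for Alibaba Cloud OpenAPI calls issued by an agent skill.

Added example, not part of the scanned skill or of any Alibaba Cloud SDK.
Read-only actions pass; mutating actions need an explicit, exactly matching
confirmation; unrecognised verbs are denied (fail closed).
"""
from dataclasses import dataclass
from typing import Mapping, Optional

# Alibaba Cloud OpenAPI action names carry their verb as a CamelCase prefix,
# e.g. DescribeRegions, ListInstances, CreateInstance, ModifyInstanceAttribute.
# The two prefix lists below are an assumption for this example; extend them
# to the actions the skill actually uses.
READ_ONLY_PREFIXES = ("Describe", "List", "Get", "Query", "Check")
MUTATING_PREFIXES = ("Create", "Update", "Modify", "Set", "Delete", "Remove",
                     "Start", "Stop", "Reset", "Attach", "Detach", "Enable", "Disable")


def classify_action(action: str) -> str:
    """Return 'read', 'mutate' or 'unknown' for an OpenAPI action name."""
    if action.startswith(READ_ONLY_PREFIXES):
        return "read"
    if action.startswith(MUTATING_PREFIXES):
        return "mutate"
    return "unknown"


@dataclass(frozen=True)
class ApiRequest:
    action: str
    region: str
    resource_id: Optional[str] = None  # None for region-scoped list/describe calls


@dataclass(frozen=True)
class Confirmation:
    """What the human approved. All three fields must match the request exactly."""
    action: str
    region: str
    resource_id: str


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def authorize(request: ApiRequest, confirmation: Optional[Confirmation] = None) -> Decision:
    """Decide whether the agent may issue `request` given an optional confirmation."""
    kind = classify_action(request.action)
    if kind == "read":
        return Decision(True, f"{request.action} is read-only")
    if kind == "unknown":
        # Unrecognised verb: do not guess what it does, fail closed.
        return Decision(False, f"{request.action}: unrecognised verb, denied")
    if confirmation is None:
        return Decision(False, f"{request.action} mutates state; no confirmation given")
    if not request.resource_id:
        # A mutating call that names no resource cannot be confirmed precisely.
        return Decision(False, f"{request.action} mutates state but names no resource ID")
    mismatches = [
        name for name, got, want in (
            ("action", request.action, confirmation.action),
            ("region", request.region, confirmation.region),
            ("resource_id", request.resource_id, confirmation.resource_id),
        ) if got != want
    ]
    if mismatches:
        return Decision(False, "confirmation does not match request on: " + ", ".join(mismatches))
    return Decision(True, f"{request.action} confirmed for {request.resource_id} in {request.region}")


def credential_kind(env: Mapping[str, str]) -> str:
    """Classify the credentials the SDK credential chain would pick up from env.

    ALIBABA_CLOUD_ACCESS_KEY_ID, ALIBABA_CLOUD_ACCESS_KEY_SECRET and
    ALIBABA_CLOUD_SECURITY_TOKEN are the variable names the official
    Alibaba Cloud SDKs read. Returns 'none', 'sts' or 'long-lived-accesskey'.
    """
    if not (env.get("ALIBABA_CLOUD_ACCESS_KEY_ID") and env.get("ALIBABA_CLOUD_ACCESS_KEY_SECRET")):
        return "none"
    if env.get("ALIBABA_CLOUD_SECURITY_TOKEN"):
        return "sts"  # short-lived STS credentials: the form to prefer for an agent
    return "long-lived-accesskey"  # permanent RAM user AccessKey: scope tightly and rotate


if __name__ == "__main__":
    # Constructed sample requests and IDs, not real account data.
    print(authorize(ApiRequest("ListInstances", "cn-hangzhou")))
    change = ApiRequest("ModifyInstanceAttribute", "cn-hangzhou", "i-example123")
    print(authorize(change))  # denied: no confirmation
    print(authorize(change, Confirmation("ModifyInstanceAttribute", "cn-hangzhou", "i-example123")))
    print(authorize(change, Confirmation("ModifyInstanceAttribute", "cn-shanghai", "i-example123")))
    print(credential_kind({"ALIBABA_CLOUD_ACCESS_KEY_ID": "LTAI-example",
                           "ALIBABA_CLOUD_ACCESS_KEY_SECRET": "secret-example"}))
```

The gate deliberately treats a verb it does not recognise as mutating-and-unconfirmable rather than as read-only, and it refuses to confirm a mutating call that carries no resource ID, since a confirmation that cannot name the exact resource in the exact region is not the explicit approval the guidance asks for. The credential check does not validate the key; it only tells the operator whether the agent is running on short-lived STS credentials or on a permanent AccessKey that needs tight scoping and rotation.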

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90%
Finding
The skill instructs use of environment credentials, network access to Alibaba Cloud/OpenAPI endpoints, and local file writes, but does not declare permissions explicitly. This creates a transparency and governance gap: an agent or reviewer may underestimate the skill's ability to access secrets, make external requests, and persist data. In a cloud-management skill, those capabilities are expected, but undeclared access still increases the risk of unintended credential use, unauthorized API calls, or storage of sensitive response data.

Missing User Warnings

Medium
Confidence
92%
Finding
The skill describes using Alibaba Cloud AccessKeys and performing mutating operations such as Create, Update, Modify, and Set, but it does not provide a clear user-facing warning that these actions can change cloud resources and incur security or billing consequences. In a cloud administration context, this omission is dangerous because users may authorize execution without understanding that credentials are sensitive and that the skill can alter account state. The skill context makes this more dangerous, not less, because it targets real cloud resources and operational workflows.

VirusTotal

65/65 vendors returned a clean verdict for this skill. Note that antivirus engines evaluate the skill's files for known malware, not the instructions they give an agent; a clean VirusTotal result does not address the credential-handling and mutating-operation findings above.
