Alicloud Ai Text Document Mind

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Alibaba Cloud document-processing helper, but users should treat submitted documents and cloud credentials carefully.

Install only if you intend to use Alibaba Cloud Document Mind. Use least-privilege, preferably short-lived credentials, do not paste secrets into chats or logs, and only process documents that are approved to leave your local environment and be handled by Alibaba Cloud.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Medium
Confidence: 93%
Finding
The validation section claims to validate a Node.js skill, but the commands actually attempt to compile Python files in a scripts directory. This can cause users or automation to incorrectly conclude the skill has been validated when the relevant JavaScript code was never checked, allowing broken or unsafe code paths to pass review undetected.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill instructs users to supply Alibaba Cloud access keys via environment variables without any guidance on secure handling, storage, scope, or redaction. In an agent workflow, this increases the chance that long-lived secrets are overexposed, logged, reused broadly, or injected into untrusted execution contexts.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill encourages submitting document URLs and uploading local files to a third-party cloud document-processing API without clearly warning that document contents and metadata leave the local environment. This can lead to inadvertent disclosure of sensitive, regulated, or proprietary documents, especially in coding-agent workflows where users may assume processing is local.

Missing User Warnings

Medium
Confidence: 83%
Finding
The script submits a document URL provided via environment variable to Alibaba Cloud DocMind without any explicit disclosure, confirmation, or validation around external data transmission. In a document-understanding workflow, this can cause operators to unknowingly send sensitive internal documents to a third-party cloud service, creating confidentiality and compliance risks even if the code is otherwise functioning as intended.

VirusTotal

65/65 vendors flagged this skill as clean.
