Alicloud Ai Translation Anytrans

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Alibaba Cloud translation helper that uses expected cloud credentials, Alibaba metadata calls, and local output files for its purpose.

Install this only if you intend to work with Alibaba Cloud TongyiTranslate/AnyTrans. Use least-privilege Alibaba credentials, expect calls to api.aliyun.com, and keep generated files under the documented output directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 90%
Finding: The skill requires access to environment variables, network, and local file writes, but it does not declare these permissions explicitly. This creates a transparency and governance gap: operators may run the skill without understanding it can access cloud credentials and write fetched data locally, increasing the chance of unintended credential exposure or misuse.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 95%
Finding: The skill advertises full AnyTrans resource management, status checks, and troubleshooting via OpenAPI/SDK, but the described executable path only performs metadata discovery and local artifact generation. This mismatch is dangerous because users may authorize cloud credentials and trust the skill for operational tasks it does not actually perform, while it still gains access to sensitive environment data and network/file capabilities under misleading pretenses.

VirusTotal

60/60 vendors flagged this skill as clean.
