Alicloud Data Lake Dlf Next

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Alibaba Cloud DLF Next helper that uses cloud credentials and can guide resource changes, so it should be installed only for intentional cloud-management work.

Install only if you want an agent to help manage Alibaba Cloud DLF Next. Use a RAM user or role limited to the specific DLF Next actions needed, set and confirm the region and resource IDs before use, and explicitly approve any create, update, modify, or set operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill declares no explicit permissions while instructing behavior that uses environment variables, filesystem writes, and outbound network access. This is dangerous because operators and policy engines cannot accurately evaluate or constrain the skill's effective capabilities, increasing the chance of unintended secret access or data egress during execution.

Tp4

High
Category
MCP Tool Poisoning
Confidence
93% confidence
Finding
The skill claims it manages DlfNext resources, including create/update and troubleshooting operations, but the described executable path only performs OpenAPI metadata discovery and local artifact generation. This mismatch is dangerous because users may authorize the skill expecting one bounded function while it actually performs different network activity, undermining informed consent and making it easier to hide unexpected behavior in a cloud-integrated skill.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The skill explicitly directs use of Alibaba Cloud credentials from environment variables and shared credential files without any warning about secret handling, redaction, or least-exposure practices. In a skill that also performs network access and writes artifacts, this increases the risk of accidental credential leakage through logs, debug output, mis-scoped code, or unintended reuse of high-privilege credentials.

VirusTotal

65/65 vendors flagged this skill as clean.
