Alicloud Database Rds Supabase

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Alibaba Cloud RDS Supabase administration skill, but it can make real cloud changes and should be used with scoped credentials and explicit approvals.

Install only if you want an agent to help administer Alibaba Cloud RDS Supabase resources. Use least-privilege RAM credentials, confirm the exact region and instance before any mutating operation, avoid broad all-region queries unless needed, and redact passwords, access keys, certificates, endpoints, and storage credentials from saved outputs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Description-Behavior Mismatch

Medium (94% confidence)
Finding
The reference documents custom agent creation, updating, listing, and deletion capabilities that are not disclosed in the skill description. Hidden or under-declared agent-management functionality expands the effective attack surface, especially because SystemPrompt, tool enablement, and tool selection can materially change downstream agent behavior and permissions.

Missing User Warnings

Medium (84% confidence)
Finding
The skill explicitly supports mutating and destructive cloud actions such as creating, deleting, and restarting instances, resetting passwords, and changing auth, SSL, and IP whitelist settings, but it does not present a clear safety warning or require explicit confirmation before high-impact operations. In a cloud administration context, this increases the chance of accidental service disruption, lockout, weakened security posture, or unauthorized changes if an agent executes user requests too eagerly.

Missing User Warnings

Medium (86% confidence)
Finding
The documentation lists highly sensitive parameters such as DatabasePassword, DashboardUsername, and DashboardPassword without any handling guidance. In an agent skill context, omission of secrecy warnings increases the chance that credentials will be logged, echoed back to users, stored in conversation history, or mishandled by integrating systems.

Missing User Warnings

Medium (90% confidence)
Finding
The storage configuration section includes cloud access-key fields such as AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY without any sensitivity warning. These credentials can provide direct access to external storage resources, so documenting them casually in a skill reference raises the risk of credential leakage through prompts, logs, traces, or UI surfaces.

Missing User Warnings

Medium (84% confidence)
Finding
Documenting ResetInstancePassword without any warning about its security impact normalizes a highly sensitive administrative action. In this skill, password reset can directly change dashboard and database credentials, potentially causing account takeover, operational disruption, or lockout if invoked improperly or by an over-privileged workflow.

VirusTotal

65/65 vendors flagged this skill as clean.
