Alicloud Platform Docs Api Review

Security checks across malware telemetry and agentic risk

Overview

The docs-review script appears read-only, but the skill unnecessarily asks users to configure Alibaba Cloud credentials and mentions mutating operations.

Review before installing. The visible code does not appear destructive or malicious, but do not provide Alibaba Cloud access keys for this skill unless the publisher explains the exact read-only need and removes or tightly scopes the mutating-operation language.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 88%
Finding
The skill explicitly instructs running a Python script that performs network access and writes artifacts to disk, but the skill declares no permissions or capability boundaries. This creates a transparency and governance gap: an agent or reviewer may treat the skill as lower risk than it is, while it can still fetch remote content and persist data locally, increasing the chance of unintended data exposure, unsafe execution, or policy bypass.

Intent-Code Divergence

Medium
Confidence: 83%
Finding
The skill is presented as a read-only documentation and API review tool, yet it requests Alibaba Cloud credentials and references asking before 'mutating operations.' That mismatch can normalize providing privileged credentials to a task that should not need them, and it suggests the underlying code path may be broader than advertised, raising the risk of credential misuse or unintended cloud actions.

VirusTotal

53/53 vendors flagged this skill as clean.
