ClawHub

Alicloud Platform Multicloud Docs Api Benchmark

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate documentation benchmarking skill, but it unnecessarily tells users to configure Alibaba Cloud credentials for a read-only public-docs workflow.

Review before installing. Use it only for public documentation benchmarking and local report generation, and do not provide Alibaba Cloud access keys unless a specific, reviewed command actually requires them. Treat any suggested mutating cloud operation as outside the verified purpose of this skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Dynamic attribute access via getattr()

Low
Category
Dangerous Code Execution
Content
preset_seeds = [str(x) for x in preset_seeds_raw if isinstance(x, str)]
        preset_seeds = [u for u in preset_seeds if domain_allowed(u, p.domains) or "github.com" in u.lower()]

        manual = getattr(args, f"{p.key}_links", "").strip()
        if manual:
            links = [x.strip() for x in manual.split(",") if x.strip()]
            links = [u for u in links if domain_allowed(u, p.domains)]
Confidence
50% confidence
Finding
manual = getattr(args, f"{p.key}_links", "").strip()

Lp3

Medium
Category
MCP Least Privilege
Confidence
70% confidence
Finding
Without declared permissions the skill's intent is opaque and cannot be validated.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The manifest and the rest of the file describe discovering official documentation links, scoring docs quality, and writing local benchmark artifacts. However, the prerequisites section instructs users to configure Alibaba Cloud credentials and says to ask before 'mutating operations,' which contradicts the stated read-only benchmarking workflow and implies cloud-account actions not described elsewhere.

Natural-Language Policy Violations

Low
Confidence
97% confidence
Finding
The code hard-codes an `Accept-Language` header of `en-US,en;q=0.9,zh-CN;q=0.8` for fetched content. This imposes language/locale preferences on all requests rather than letting the user choose or documenting a justified region-specific constraint, which matches the policy's language/locale violation category.

External Transmission

Medium
Category
Data Exfiltration
Content
"skills/platform/docs/alicloud-platform-multicloud-docs-api-benchmark/references/scoring.json"
)
GCP_DISCOVERY_APIS = "https://discovery.googleapis.com/discovery/v1/apis"
GITHUB_API_SEARCH_CODE = "https://api.github.com/search/code?q="

DEFAULT_SCORING_PROFILE = {
    "link_cap": 8,
Confidence
60% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
def alicloud_openapi_signals(product: str) -> dict[str, Any]:
    try:
        zh = fetch_json("https://api.aliyun.com/meta/v1/products.json?language=ZH_CN")
        en = fetch_json("https://api.aliyun.com/meta/v1/products.json?language=EN_US")
    except Exception:
        return {"resolved": False}
Confidence
60% confidence
Finding
https://api.aliyun.com/

External Transmission

Medium
Category
Data Exfiltration
Content
def alicloud_openapi_signals(product: str) -> dict[str, Any]:
    try:
        zh = fetch_json("https://api.aliyun.com/meta/v1/products.json?language=ZH_CN")
        en = fetch_json("https://api.aliyun.com/meta/v1/products.json?language=EN_US")
    except Exception:
        return {"resolved": False}
Confidence
60% confidence
Finding
https://api.aliyun.com/

External Transmission

Medium
Category
Data Exfiltration
Content
if not version:
        return {"resolved": True, "product": best, "api_count": None}

    api_url = f"https://api.aliyun.com/meta/v1/products/{code}/versions/{version}/api-docs.json"
    try:
        docs = fetch_json(api_url)
        apis = docs.get("apis") if isinstance(docs, dict) else None
Confidence
60% confidence
Finding
https://api.aliyun.com/

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal