Alicloud Security Content Moderation Green

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Alibaba Cloud Content Moderation helper that uses normal cloud credentials and local output files, with no evidence of hidden exfiltration or unsafe automatic behavior.

Install only if you intend to let the agent inspect or change Alibaba Cloud Content Moderation resources. Configure least-privilege Alibaba Cloud credentials, confirm region/resource IDs and every create/update/modify/set action before execution, and review or delete generated output files if they contain internal cloud details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill instructs use of environment credentials, networked API access, and local file writes, but does not declare permissions that would let a caller or platform understand and constrain those capabilities. This creates a transparency and containment problem: users may invoke a skill that can access sensitive cloud credentials and write artifacts without an explicit permission boundary.

Tp4

High
Category
MCP Tool Poisoning
Confidence
90% confidence
Finding
The declared purpose says the skill manages Alibaba Cloud Green moderation resources and policies, but the described executable path focuses on metadata discovery and saving API inventory artifacts locally rather than actually performing the claimed resource operations. This mismatch is dangerous because it can mislead users and orchestration systems about what the skill really does, expanding trust and invocation scope for behavior that is not accurately disclosed.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The invocation description is broad enough to match many generic cloud-management tasks, which can cause the skill to be selected outside a narrowly intended context. Because the skill also involves credential use, network access, and potential mutation workflows, overly broad routing increases the chance of unintended execution against sensitive cloud environments.

VirusTotal

61/61 vendors flagged this skill as clean.