Alicloud Storage Oss Ossutil

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Alibaba Cloud OSS command-line helper whose elevated install steps, credential use, cloud storage actions, and local report files fit its stated purpose.

Install only if you trust the publisher and are comfortable installing ossutil from Alibaba-hosted binaries. Prefer a user-local install or verify official checksums/signatures when available, use least-privilege RAM credentials, avoid passing secrets directly on command lines, review any upload/sync/delete operation before execution, and keep validation output paths inside the project output folder.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 87%
Finding: The skill invokes shell commands and writes local output artifacts, but it does not declare those capabilities or permissions. This creates a transparency and governance problem: callers may approve or run the skill without understanding that it can execute commands and modify the filesystem, which increases the risk of unintended side effects or misuse in higher-trust environments.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 74%
Finding: The documented purpose says the skill installs, configures, and operates OSS, but the validation behavior described also checks internal documentation and writes a local report. This mismatch can mislead users and reviewers about what the skill actually does, reducing trust and making it easier for risky behavior to hide behind an innocuous description, even if the currently described extra behavior is not overtly harmful.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding: The installation instructions download software from the internet and perform system-wide changes under sudo, but they do not explicitly warn the user that these commands modify the host and require elevated privileges. This increases the chance of unsafe copy-paste execution on production or sensitive systems, especially because the downloaded binary is not integrity-verified before installation.

VirusTotal

65/65 vendors flagged this skill as clean.
