Aliyun Green Moderation

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Alibaba Cloud Content Moderation helper that uses expected cloud credentials and writes local API metadata artifacts.

Install only if you intend to manage Alibaba Cloud Green moderation resources. Use a least-privilege Alibaba Cloud key or role, confirm the target region and resource IDs before create/update actions, and review any files saved under output/aliyun-green-moderation/.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding: The skill instructs use of environment credentials, local file output, and network-based OpenAPI access, but does not declare corresponding permissions. This creates hidden capability risk: an agent or reviewer may approve the skill without realizing it can access secrets, write artifacts, and contact external services, which weakens least-privilege controls and auditability.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 95%
Finding: The skill advertises management of Alibaba Cloud Green resources and troubleshooting workflows, but the described executable path centers on metadata discovery and local documentation generation instead of the claimed operational tasks. This mismatch is dangerous because users and orchestrators may invoke the skill for privileged cloud-management actions while it performs different network activity, undermining informed consent, policy review, and reliable security scoping.

Vague Triggers

Medium
Confidence: 80%
Finding: The invocation description is broad enough to capture many generic moderation-management requests, increasing the chance the skill is selected outside a narrowly intended context. In combination with credential use, file writing, and network access, over-broad routing can cause unnecessary exposure of cloud credentials or unintended external calls for tasks that do not require this specific skill.

VirusTotal

66/66 vendors flagged this skill as clean.
