Aliyun Wan Digital Human

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Alibaba Cloud digital-human request helper, with privacy and credential-handling cautions but no hidden or mismatched behavior found.

Install only if you are comfortable sending image and audio URLs to Alibaba Cloud for digital-human generation. Use a dedicated restricted DashScope key where possible, avoid committing credentials or generated output files, prefer time-limited or access-controlled media URLs for personal images and voice recordings, and delete local request/evidence files when no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly tells users to make image and audio inputs public HTTP/HTTPS URLs, which can expose sensitive biometric and voice data to unintended parties and long-lived public access. In the context of a digital-human workflow, these assets are often personally identifying, so the lack of privacy warnings or safer alternatives materially increases data exposure risk.

Missing User Warnings

Low

Confidence: 84% confidence
Finding: The skill documents where to place the Alibaba Cloud API key but provides no warning about keeping credentials secret, avoiding commits to source control, or restricting file permissions. While this is common setup documentation, omission of basic credential-handling guidance increases the chance of accidental disclosure or insecure storage.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal