Back to skill

Security audit

Aliyun Qwen Coder

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Alibaba Qwen Coder helper, with normal cautions around external AI provider use, local saved prompts, and API key handling.

Install only if you are comfortable using Alibaba Cloud Model Studio for coding tasks. Use a dedicated API key where possible, keep credentials out of repositories and logs, send only the files needed for a task, and periodically clean the local output directory if prompts or request payloads may contain sensitive code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill documents network access to Alibaba Cloud and writes prompts, summaries, and request payloads to local output directories, but it does not declare permissions or clearly surface those capabilities. Undeclared network and file-write behavior weakens least-privilege controls and can cause users or orchestration systems to invoke the skill without understanding that code and potentially sensitive repository context may be transmitted or persisted.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The skill instructs users to set `DASHSCOPE_API_KEY` or place credentials in `~/.alibabacloud/credentials` but provides no warning about secret exposure, shell history leakage, file permissions, or accidental inclusion in logs and outputs. This is a real but lower-severity issue because poor credential-handling guidance increases the chance of secrets being mishandled during setup.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.