Yunxiao Project Collaboration Tool

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a coherent Yunxiao project-management client, but its create-workitem command can modify business data while ignoring the advertised category option.

Install only if you trust the publisher and can tolerate agent-assisted changes to Yunxiao work items. Use a least-privilege Yunxiao token, review mutation commands before running them, avoid relying on create-workitem category selection until fixed, and delete .user-cache.json if local name and user-ID metadata should not remain on disk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

High
Confidence: 90%
Finding:
The help text tells users that create-workitem supports Req/Bug/Task categories, but the implementation ignores the supplied category and always uses a fixed workitemTypeId. In a project-management automation tool, this can cause unauthorized or unintended creation of the wrong artifact type, undermining workflow controls, audit accuracy, and change-management expectations.

Missing User Warnings

Medium
Confidence: 92%
Finding:
The script persists user identity mappings to a local .user-cache.json file without notice, consent, retention limits, or file-permission hardening. In this context, the cached data includes names and internal user IDs from a corporate project system, which can expose organizational metadata to other local users or to unrelated processes on the host.

Unpinned Dependencies

Low
Category: Supply Chain
Content:
"author": "",
  "license": "ISC",
  "dependencies": {
    "@alicloud/devops20210625": "^5.0.3",
    "@alicloud/openapi-client": "^0.4.15"
  }
}
Confidence: 88%
Finding:
"@alicloud/devops20210625": "^5.0.3"

Unpinned Dependencies

Low
Category: Supply Chain
Content:
"license": "ISC",
  "dependencies": {
    "@alicloud/devops20210625": "^5.0.3",
    "@alicloud/openapi-client": "^0.4.15"
  }
}
Confidence: 88%
Finding:
"@alicloud/openapi-client": "^0.4.15"

VirusTotal

66/66 vendors flagged this skill as clean.
