huawei-cloud-find-skills

Security checks across malware telemetry and agentic risk

Overview

The skill is mainly a Huawei Cloud skill finder, but it can automatically install and hand off to other high-authority cloud-management skills without clear user confirmation.

Install only if you want an agent to search Huawei Cloud skills and potentially add more skills from external repositories. Before using it, require the agent to show the matched skill, source, and install command, and approve each installation and any cloud-changing action separately.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 87%
Finding
The activation scope is extremely broad: it directs the agent to use this skill for 'any Huawei Cloud query or management task,' even when the user may only be asking informational questions. Overbroad routing can cause unnecessary execution of tool-driven workflows, including later installation steps or external fetches, increasing the chance of unintended actions and privilege misuse.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to run package-management installation commands (`npx skills add`, `npx clawhub install`) as a mandatory workflow step, but provides no requirement for explicit user consent, trust verification, or package/source validation. This creates a real supply-chain and unauthorized-action risk, because an agent following the markdown could install and enable external code or skills simply from conversational context.

Vague Triggers

Medium
Confidence: 89%
Finding
Several listed skills use highly generic triggers such as "deploy", "test", "create", or broad product names, which can cause the dispatcher to invoke privileged cloud-operation skills from ordinary user requests. In a skill marketplace/index file, overbroad routing metadata is security-relevant because it increases the chance of unintended activation of write-capable skills and can lead to surprising infrastructure changes or access to sensitive workflows.

Vague Triggers

High
Confidence: 97%
Finding
The CLI guidance entry advertises activation for extremely broad terms like "Huawei Cloud", "云", and even generic "tool", while also covering IAM authentication and access credential configuration. This makes accidental routing into a credential-adjacent skill very likely, and broad activation around credential setup can expose users to unsafe guidance or unnecessary handling of secrets.

Vague Triggers

High
Confidence: 96%
Finding
The Terraform generator is activated by broad verbs and common resource nouns like create, deploy, network, ECS, or storage, which are common in benign cloud discussions. Because this skill can generate and execute infrastructure deployment, ambiguous activation materially raises the risk of unintended IaC generation or provisioning behavior from casual requests.

VirusTotal

VirusTotal findings are pending for this skill version.
