huawei-cloud-flexus-l-server-ops

Security checks across malware telemetry and agentic risk

Overview

The skill matches its Huawei Cloud server-operations purpose, but it contains unsafe credential-handling guidance and disables TLS checks for one cloud client, so users should review it before installing.

Install only if you intend to let this skill operate Huawei Cloud Flexus L servers, including start/stop/reboot, password reset, and metadata changes. Use temporary, least-privilege credentials; avoid examples that pass AK/SK, tokens, or passwords as command-line arguments; do not run credential-printing verification commands; and fix or review the disabled TLS verification before using it in a sensitive account.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 83%
Finding
AuthManager exposes a Config client even though the skill is described as Flexus L instance and traffic-package operations. That creates undeclared cloud-service reach using the same credentials, increasing the blast radius if other parts of the skill call this method or if the skill is later extended in unsafe ways; the risk is amplified by the method also disabling SSL verification.

Missing User Warnings

Medium
Confidence: 91%
Finding
The verification instructions tell users to run `env | grep CLOUD_SDK`, which can print active access key and secret key values directly to the terminal, shell history context, logs, or screen recordings. In an infrastructure-operations skill that manages cloud instances, exposing AK/SK credentials is especially risky because those secrets can enable unauthorized instance management and broader account compromise depending on IAM scope.

VirusTotal

VirusTotal findings are pending for this skill version.
