huawei-cloud-maas-tokens-usage

Security checks across malware telemetry and agentic risk

Overview

This skill does the advertised Huawei Cloud MaaS usage lookup, but its script disables HTTPS certificate verification while using cloud credentials.

Install only if you are comfortable reviewing or patching the helper script first. Remove `verify=False`, do not print credential files, use least-privilege Huawei Cloud keys, and confirm the skill is invoked only for Huawei Cloud MaaS usage queries.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (5)

Vague Triggers

Medium
Confidence: 79%
Finding
The trigger list includes broad terms like request count, error count, tokens usage, and statistics, which could activate the skill for unrelated monitoring or token/accounting requests. Over-broad invocation increases the chance the agent runs a credentialed cloud-query skill in the wrong context, exposing metadata or causing unintended external calls.

Missing User Warnings

Medium
Confidence: 98%
Finding
The example explicitly disables TLS certificate verification with `verify=False`, which allows man-in-the-middle interception or tampering of supposedly HTTPS-protected API traffic. In this skill’s context, the request is authenticated with AK/SK-style signed headers and may expose sensitive request metadata or enable response spoofing, so presenting this as a troubleshooting example without a strong warning is unsafe.

Missing User Warnings

Medium
Confidence: 90%
Finding
The documentation includes credential-handling examples that encourage users to inspect or provide secrets without any warning about sensitive data exposure. In particular, showing a command like `cat /path/to/aksk.txt` normalizes printing secret material to the terminal, shell history, logs, or screenshots, which can lead to accidental credential disclosure.

Missing User Warnings

Medium
Confidence: 94%
Finding
The end-to-end verification script performs a real authenticated API call using a hardcoded local credential file path, but provides no warning about secret handling, file permissions, or the risks of embedding local paths in shared documentation. This can encourage unsafe practices such as storing long-lived credentials in predictable locations and running examples that expose secrets through process arguments, logs, or copied scripts.

Missing User Warnings

Medium
Confidence: 99%
Finding
The code disables TLS certificate verification for all HTTPS requests to IAM and MaaS endpoints, which allows a man-in-the-middle attacker to intercept or alter supposedly secure traffic. In this skill, those requests include signed cloud API calls and usage data queries, making the context especially sensitive because credentials and returned statistics could be exposed or tampered with.

VirusTotal

65/65 vendors flagged this skill as clean.
