Back to skill

Security audit

huawei-cloud-ucs-policy-governor

Security checks across malware telemetry and agentic risk

Overview

This skill appears to manage cloud/Kubernetes policy compliance, but some audit and verification instructions include credential creation and live enforcement changes that users should review carefully before installing.

Install only if you intend to let the agent help administer Huawei Cloud UCS policy and Kubernetes remediation. Use least-privilege cloud credentials, avoid running the verification/remediation steps against production without explicit review, treat generated kubeconfig files as sensitive secrets, and manually confirm any delete, disable, enable, register, or kubectl apply action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (14)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The compliance-audit task includes `RegisterCluster`, which expands from read-only auditing into onboarding new infrastructure. In an audit-oriented skill, this violates least privilege and can cause unauthorized resource enrollment or scope creep if an agent executes the workflow automatically.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The remediation workflow fetches kubeconfig credentials and uses `kubectl apply`, moving far beyond compliance auditing into privileged cluster administration. This creates a dangerous escalation path where an audit skill can obtain cluster access and modify workloads or security controls, especially if run by an autonomous agent.

Missing User Warnings

Low
Confidence
93% confidence
Finding
The skill documents destructive operations such as deleting policy instances and disabling enforcement directly in the main command sections without requiring an explicit confirmation or warning step immediately before execution. In a policy-governance context, accidental execution could remove enforcement or compliance controls, creating temporary security blind spots or configuration loss even if no credentials are exposed.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The document instructs users to grant powerful write permissions, including create, update, delete, and enable/disable governance controls, but does not clearly warn that these permissions can alter or weaken compliance enforcement across clusters or fleet groups. In the context of a policy governance skill, normalizing broad `Resource: ["*"]` access without scoped guidance increases the risk of accidental over-privileging and misuse if the skill or its operator is compromised.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The workflow instructs disabling and re-enabling cluster policy without warning about service or enforcement consequences. In a governance context, temporarily disabling policy can create a compliance gap and allow unmanaged changes during the window, which is especially risky in production clusters.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The document writes kubeconfig credentials to `cluster-kubeconfig.yaml` without any warning about credential sensitivity, storage location, cleanup, or access controls. In agent-driven environments this can leak reusable cluster-admin access into logs, workspaces, artifacts, or multi-tenant hosts.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The guide instructs users to export long-lived cloud access keys into environment variables but does not warn about secret handling risks such as shell history persistence, accidental logging, process/environment leakage to child processes, or reuse in shared shells/CI environments. In a cloud administration skill, exposing AK/SK handling patterns is security-relevant because these credentials can grant broad control over UCS and related cloud resources if mishandled.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The enable/disable policy commands directly change security enforcement state for clusters and fleet groups, but the section does not consistently foreground the operational security consequences, especially that disabling enforcement suspends violation checks and enabling/retrying may alter admission behavior and block workloads. In a governance/compliance skill, omission of strong warnings can lead operators to weaken protections or cause disruptive policy changes without sufficient confirmation and rollback planning.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The verification guide instructs users to create, update, enable, disable, and delete UCS policy instances affecting clusters and fleet groups, but it does not consistently warn that these are state-changing operations with operational impact. A user treating this as routine verification could unintentionally alter enforcement behavior, trigger deny policies, suspend governance, or delete active policy instances in a real environment.

Credential Access

High
Category
Privilege Escalation
Content
hcloud UCS ListPolicyJobs --kind=EnablePolicy --cli-region=cn-north-4
hcloud UCS ShowPolicyJob --jobid=<job-id> --cli-region=cn-north-4

# 2. Access the cluster with kubeconfig
hcloud UCS CreateClusterKubeconfig --clusterid=<ucs-cluster-id> --cli-region=cn-north-4 > cluster-kubeconfig.yaml

# 3. Fix violations using kubectl
Confidence
99% confidence
Finding
kubeconfig

Credential Access

High
Category
Privilege Escalation
Content
hcloud UCS ShowPolicyJob --jobid=<job-id> --cli-region=cn-north-4

# 2. Access the cluster with kubeconfig
hcloud UCS CreateClusterKubeconfig --clusterid=<ucs-cluster-id> --cli-region=cn-north-4 > cluster-kubeconfig.yaml

# 3. Fix violations using kubectl
kubectl --kubeconfig=cluster-kubeconfig.yaml apply -f <fix-manifest>
Confidence
98% confidence
Finding
Kubeconfig

Credential Access

High
Category
Privilege Escalation
Content
hcloud UCS ShowPolicyJob --jobid=<job-id> --cli-region=cn-north-4

# 2. Access the cluster with kubeconfig
hcloud UCS CreateClusterKubeconfig --clusterid=<ucs-cluster-id> --cli-region=cn-north-4 > cluster-kubeconfig.yaml

# 3. Fix violations using kubectl
kubectl --kubeconfig=cluster-kubeconfig.yaml apply -f <fix-manifest>
Confidence
98% confidence
Finding
kubeconfig

Credential Access

High
Category
Privilege Escalation
Content
hcloud UCS CreateClusterKubeconfig --clusterid=<ucs-cluster-id> --cli-region=cn-north-4 > cluster-kubeconfig.yaml

# 3. Fix violations using kubectl
kubectl --kubeconfig=cluster-kubeconfig.yaml apply -f <fix-manifest>

# 4. Re-trigger enforcement
hcloud UCS DisableClusterPolicy --clusterid=<ucs-cluster-id> --cli-region=cn-north-4
Confidence
97% confidence
Finding
kubeconfig

Credential Access

High
Category
Privilege Escalation
Content
hcloud UCS CreateClusterKubeconfig --clusterid=<ucs-cluster-id> --cli-region=cn-north-4 > cluster-kubeconfig.yaml

# 3. Fix violations using kubectl
kubectl --kubeconfig=cluster-kubeconfig.yaml apply -f <fix-manifest>

# 4. Re-trigger enforcement
hcloud UCS DisableClusterPolicy --clusterid=<ucs-cluster-id> --cli-region=cn-north-4
Confidence
97% confidence
Finding
kubeconfig

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.