Session Persistence
Medium
- Category
- Rogue Agent
- Content
``` **Option B: Config File** Create `~/.alibabacloud/credentials`: ```json { "access_key_id": "your_access_key",- Confidence
- 83% confidence
- Finding
- Create `~/.alibabacloud
Security audit
dataworks-diagnoser
Security checks across malware telemetry and agentic risk
Overview
This is a coherent Alibaba Cloud DataWorks troubleshooting skill that needs careful credential and log handling but does not show hidden, destructive, or unrelated behavior.
Install only if you need to diagnose Alibaba Cloud DataWorks failures. Use a least-privilege RAM AccessKey limited to the documented read operations, prefer environment variables or a protected Aliyun profile over command-line secrets, set restrictive permissions on any credentials file, and treat fetched logs and saved reports as sensitive because they may contain SQL, endpoints, stack traces, or secrets.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Rogue AgentSelf-Modification, Session Persistence
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)
VirusTotal
67/67 vendors flagged this skill as clean.