Alibaba Cloud STS

Security checks across malware telemetry and agentic risk

Overview

This skill is for Alibaba Cloud STS access and is mostly coherent, but it can mint temporary cloud credentials with broad invocation guidance and limited confirmation guidance.

Review this before installing. Only use it when you intentionally want an agent to request Alibaba Cloud STS temporary credentials through OOMOL, and verify the role, session duration, permissions, and payload before any run. Treat returned credentials as secrets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The manifest says the skill is for "searching and reading data," but the documented actions actually mint temporary STS credentials via AssumeRole and federation flows. This misrepresents the privilege and sensitivity of the skill, which can cause an agent or user to invoke it under a lower-risk assumption and unintentionally obtain usable cloud credentials.

Vague Triggers

Medium
Confidence: 83%
Finding
The instruction to use this skill for ANY Alibaba Cloud STS request is overly broad and encourages automatic delegation of all STS-related tasks to a credential-issuing connector. In context, STS operations are highly sensitive because they produce temporary access credentials, so broad invocation language increases the chance of unnecessary or unsafe use.

VirusTotal

64/64 vendors flagged this skill as clean.
