Huawei Cloud CCE Cluster Upgrade Planner

Security checks across malware telemetry and agentic risk

Overview

This is a planning-only skill on paper, but it includes live Huawei Cloud CCE upgrade commands and describes some of them as previews in a way that could cause unintended cluster changes.

Install only if you want an agent to help draft and review CCE upgrade plans. Treat every generated hcloud upgrade, workflow, addon, pause, continue, retry, or cancel command as a live production-impacting operation, and require a separate human review outside the agent before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

High
Confidence: 93%
Finding
The skill claims upgrade actions are only previews gated by two-step confirmation, but the documented workflow includes real state-changing commands such as UpgradeCluster and CreateUpgradeWorkFlow. In an agent setting, presenting destructive commands as 'preview' materially increases the chance that an automation layer or operator will execute them prematurely, causing irreversible cluster upgrades or service disruption.

Intent-Code Divergence

High
Confidence: 95%
Finding
The file states that all upgrade execution preview commands require explicit confirmation, yet it embeds executable upgrade operations directly in the normal workflow and core command examples. This contradiction weakens operator trust boundaries and can lead an agent to treat live upgrade commands as routine assessment steps, resulting in unintended upgrades, node disruption, or workflow creation.

Intent-Code Divergence

High
Confidence: 97%
Finding
The skill asserts a two-step confirmation mechanism and labels the shown action as a non-mutating preview, but the documented command is `hcloud CCE UpgradeCluster`, which appears to be the actual state-changing upgrade operation. This mismatch can cause an agent or operator to execute an irreversible control-plane upgrade while believing they are only previewing actions, creating a serious risk of unintended production changes.

Intent-Code Divergence

Medium
Confidence: 86%
Finding
The skill gives conflicting operational guidance: one section says addon upgrades must occur after the cluster reaches the target version, while another instructs including addon upgrades inside the cluster upgrade command. In an automation context, contradictory instructions can lead to unsafe sequencing, failed upgrades, or partial platform incompatibility during a critical maintenance event.

VirusTotal

64/64 vendors flagged this skill as clean.
