通义晓蜜 - Intelligent Outbound Calling

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it uses Alibaba Cloud credentials to create and start outbound calling tasks, but that sensitive capability is disclosed and paired with explicit pre-call confirmation instructions.

Install only if you intentionally want an agent to place real outbound calls through your Alibaba Cloud account. Use least-privilege RAM credentials, confirm the exact phone list and call content before each run, check recipient consent and legal compliance, and expect cloud costs and phone-number data to be processed by Alibaba Cloud.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 92%
Finding
The skill instructs the agent to read cloud credentials from environment variables and invoke a script that performs outbound network actions, but the skill metadata declares no permissions. This mismatch is a real security issue because it hides the skill's effective access to secrets and external services, reducing transparency and preventing proper policy review before a high-impact action like bulk calling is triggered.

VirusTotal

64/64 vendors flagged this skill as clean.
