Alibabacloud Ack Cli

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Alibaba Cloud ACK admin helper, but it asks users to grant very broad cloud permissions and includes risky setup patterns that deserve review before installation.

Install only if you intentionally want an agent to help administer Alibaba Cloud ACK from your terminal. Use a least-privilege RAM role or short-lived STS credentials where possible, avoid root or long-lived broad access keys, review install scripts before running remote installers, protect generated kubeconfig files, and require explicit confirmation for delete, grant, kubeconfig, and other write or privilege-changing commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium, 78% confidence

The trigger list includes broad operational phrases like `debug cs error`, `kubectl cannot connect`, and other common Kubernetes/ACK wording that could cause the skill to activate in loosely related conversations. Over-broad invocation increases the chance the agent offers or executes sensitive cloud-management commands when the user did not explicitly intend to use this high-privilege skill.

Missing User Warnings

Medium, 94% confidence

The guide recommends executing a remote installer directly via `curl | bash`, which runs network-fetched code immediately with no integrity verification, pinning, or warning. In an infrastructure-admin context, this is risky because a compromised host, mirror, DNS path, or replaced script could execute arbitrary commands on the operator's machine, potentially exposing cloud credentials and cluster access.

Missing User Warnings

Medium, 91% confidence

The credential examples instruct users to place access keys and secrets on the command line and in environment variables without nearby operational safety guidance. In practice, these values can leak through shell history, process listings, CI logs, screenshots, shared terminals, or copied examples, leading to cloud account compromise.

Missing User Warnings

Medium, 95% confidence

The document recommends attaching a very broad ACK RAM policy with destructive, privilege-management, and credential-retrieval actions on Resource "*" and does not warn operators about the blast radius. In the context of an agent skill that can perform cluster lifecycle, RBAC, and kubeconfig operations, this can enable cluster deletion, privilege escalation, and credential exposure if the skill is misused or compromised.

VirusTotal

63/63 vendors flagged this skill as clean.
