ClawHub

Alibabacloud Cloudbackup Ecs File Backup Essential Edition

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly coherent for Alibaba Cloud ECS backup management, but it asks agents to run an unverified remote installer and make persistent Aliyun CLI configuration changes before use.

Install only if you are comfortable with an agent using your configured Alibaba Cloud identity to manage Cloud Backup resources and with local Aliyun CLI settings being changed. Prefer installing or updating Aliyun CLI manually from official instructions, review the requested HBR/RAM permissions, and confirm auto-plugin-install and AI-Mode settings after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill directs the agent to enable automatic plugin installation globally on the local Alibaba Cloud CLI without explicit user consent or warning. This changes local execution behavior and can cause future commands to fetch and install software automatically, increasing supply-chain and unintended-code-execution risk beyond the immediate task.

Missing User Warnings

High
Confidence
99% confidence
Finding
Piping a remotely downloaded script directly into `bash` executes unverified code from the network immediately on the user's machine. If the remote host, transport path, or script content is compromised, this can lead to arbitrary code execution with the privileges of the current user and full compromise of local credentials or cloud tooling.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal