ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Alibabacloud Dsc Audit

v0.0.1

Query and handle security risk events from Alibaba Cloud Data Security Center. Supports viewing the list of unprocessed risk events and performing manual han...

0· 27·0 current·0 all-time
byalibabacloud-skills-team@sdk-team
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires walletRequires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, SKILL.md, and included Python scripts all align: they call DescribeRiskRules and PreHandleAuditRisk on Alibaba Cloud DSC (Sddp). However the registry metadata declares no required environment variables or binaries, while the SKILL.md explicitly requires Alibaba Cloud credentials and recommends verifying the Aliyun CLI (aliyun) >= 3.3.1. The missing declaration of those requirements in metadata is an inconsistency (likely omission) but not proof of malicious intent.
Instruction Scope
Runtime instructions and scripts remain within scope: they only call the two DSC APIs, validate user-provided RiskId/HandleDetail, paginate queries, and print results. The SKILL.md advises not to echo AK/SK and to configure credentials outside the session. The included references show examples of configuring credentials (placeholders), which is expected for usability but should be followed carefully. No unrelated file reads, external endpoints, or exfiltration behavior are present in the code.
Install Mechanism
There is no formal install spec in the registry (instruction-only), but SKILL.md instructs users to pip install packages from PyPI (alibabacloud_* SDK packages). Those packages are expected for this function and are proportionate. Because installation is done via pip at runtime, advise using an isolated virtualenv. No downloads from untrusted servers or URL-shortened installers are present in the files.
!
Credentials
The skill requires Alibaba Cloud credentials to operate (CredentialClient in the code will pull credentials from environment, config file, or ECS role), yet the registry metadata lists no required env vars or 'primary credential'. Also SKILL.md includes a pre-check for the Aliyun CLI while metadata lists no required binaries. This mismatch can lead users to miss that their cloud credentials (or instance role) will be used. The credentials requested are proportionate to the stated purpose (only DSC APIs), but the omission in metadata is a notable coherence/visibility problem.
Persistence & Privilege
The skill does not request persistent or elevated platform privileges: always is false, it does not modify other skills or system-wide settings, and it does not claim autonomous always-on presence. It behaves as a normal user-invocable skill that runs SDK calls when executed.
What to consider before installing
What to consider before installing/running this skill: - The skill legitimately needs Alibaba Cloud credentials (AK/SK, STS, or instance RAM role). The package metadata did not declare required env vars or a primary credential — make sure you provide credentials securely (use environment variables, ~/.aliyun/config.json, or ECS RAM role), and do not paste secrets into chat. - Follow least-privilege practice: create a RAM user or role that only has yundun-sddp:DescribeRiskRules and yundun-sddp:PreHandleAuditRisk (or only DescribeRiskRules if you only need queries). Test with a read-only policy first. - The SKILL.md suggests verifying the Aliyun CLI (aliyun) >= 3.3.1; the metadata didn't list this binary requirement. If you rely on the CLI for config, ensure it's from the official source. - Installation uses pip to install Alibaba Cloud SDK packages from PyPI — run these in an isolated virtualenv or container to avoid contaminating system Python packages. Review the requirements.txt before installing. - The included Python code appears to only call the two DSC APIs and performs input validation. Still, review the scripts yourself and, if possible, run them in a safe environment with a low-privilege account before granting production credentials. - If you want higher confidence, ask the publisher for clarifications: (1) why metadata omits credential and binary requirements, (2) who maintains the skill and a homepage/source repository, and (3) whether the skill will be updated/maintained. If those answers are missing, exercise extra caution.

Like a lobster shell, security has layers — review code before you run it.

latestvk977k5j94tc7vdyp3zmgzvvfw984fxgr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments